From c22b19d6aa3006195b4c5b3232d192c9234125a7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 03:08:36 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0725.json | 150 +++++++-------- 1999/0xxx/CVE-1999-0886.json | 140 +++++++------- 1999/1xxx/CVE-1999-1237.json | 130 ++++++------- 2000/1xxx/CVE-2000-1228.json | 150 +++++++-------- 2005/2xxx/CVE-2005-2240.json | 160 ++++++++-------- 2005/2xxx/CVE-2005-2501.json | 160 ++++++++-------- 2005/2xxx/CVE-2005-2708.json | 210 ++++++++++---------- 2007/1xxx/CVE-2007-1670.json | 170 ++++++++--------- 2007/1xxx/CVE-2007-1841.json | 310 +++++++++++++++--------------- 2007/5xxx/CVE-2007-5441.json | 150 +++++++-------- 2007/5xxx/CVE-2007-5976.json | 200 +++++++++---------- 2009/2xxx/CVE-2009-2477.json | 260 ++++++++++++------------- 2009/2xxx/CVE-2009-2859.json | 160 ++++++++-------- 2015/0xxx/CVE-2015-0679.json | 130 ++++++------- 2015/3xxx/CVE-2015-3031.json | 34 ++-- 2015/3xxx/CVE-2015-3278.json | 120 ++++++------ 2015/3xxx/CVE-2015-3328.json | 34 ++-- 2015/3xxx/CVE-2015-3714.json | 150 +++++++-------- 2015/4xxx/CVE-2015-4086.json | 34 ++-- 2015/4xxx/CVE-2015-4220.json | 140 +++++++------- 2015/4xxx/CVE-2015-4757.json | 240 +++++++++++------------ 2015/8xxx/CVE-2015-8035.json | 360 +++++++++++++++++------------------ 2015/8xxx/CVE-2015-8257.json | 140 +++++++------- 2015/8xxx/CVE-2015-8288.json | 130 ++++++------- 2015/8xxx/CVE-2015-8712.json | 190 +++++++++--------- 2015/8xxx/CVE-2015-8755.json | 140 +++++++------- 2015/9xxx/CVE-2015-9079.json | 34 ++-- 2016/1xxx/CVE-2016-1875.json | 34 ++-- 2016/5xxx/CVE-2016-5097.json | 190 +++++++++--------- 2016/5xxx/CVE-2016-5274.json | 210 ++++++++++---------- 2016/5xxx/CVE-2016-5340.json | 160 ++++++++-------- 2016/5xxx/CVE-2016-5512.json | 130 ++++++------- 2016/5xxx/CVE-2016-5779.json | 34 ++-- 2018/2xxx/CVE-2018-2056.json | 34 ++-- 2018/2xxx/CVE-2018-2837.json | 160 ++++++++-------- 2018/6xxx/CVE-2018-6558.json | 158 +++++++-------- 2018/6xxx/CVE-2018-6656.json | 130 ++++++------- 2018/6xxx/CVE-2018-6837.json | 34 ++-- 2019/0xxx/CVE-2019-0238.json | 142 +++++++------- 2019/0xxx/CVE-2019-0488.json | 34 ++-- 2019/0xxx/CVE-2019-0741.json | 130 ++++++------- 2019/0xxx/CVE-2019-0840.json | 34 ++-- 2019/1xxx/CVE-2019-1122.json | 34 ++-- 2019/1xxx/CVE-2019-1328.json | 34 ++-- 2019/1xxx/CVE-2019-1399.json | 34 ++-- 2019/1xxx/CVE-2019-1407.json | 34 ++-- 2019/1xxx/CVE-2019-1901.json | 34 ++-- 2019/4xxx/CVE-2019-4804.json | 34 ++-- 2019/5xxx/CVE-2019-5549.json | 34 ++-- 2019/5xxx/CVE-2019-5567.json | 34 ++-- 2019/5xxx/CVE-2019-5594.json | 34 ++-- 2019/5xxx/CVE-2019-5646.json | 34 ++-- 52 files changed, 3090 insertions(+), 3090 deletions(-) diff --git a/1999/0xxx/CVE-1999-0725.json b/1999/0xxx/CVE-1999-0725.json index 414352b9f33..cc4ad0b57af 100644 --- a/1999/0xxx/CVE-1999-0725.json +++ b/1999/0xxx/CVE-1999-0725.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0725", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. \"Double Byte Code Page\"." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0725", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "Q233335", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q233335" - }, - { - "name" : "MS99-022", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-022" - }, - { - "name" : "477", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/477" - }, - { - "name" : "iis-double-byte-code-page(2302)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2302" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. \"Double Byte Code Page\"." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "477", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/477" + }, + { + "name": "MS99-022", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-022" + }, + { + "name": "Q233335", + "refsource": "MSKB", + "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q233335" + }, + { + "name": "iis-double-byte-code-page(2302)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2302" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0886.json b/1999/0xxx/CVE-1999-0886.json index 0af1f8ebb45..ff6e473ea2d 100644 --- a/1999/0xxx/CVE-1999-0886.json +++ b/1999/0xxx/CVE-1999-0886.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0886", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0886", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "Q242294", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q242294" - }, - { - "name" : "MS99-041", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-041" - }, - { - "name" : "645", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/645" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "Q242294", + "refsource": "MSKB", + "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q242294" + }, + { + "name": "MS99-041", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-041" + }, + { + "name": "645", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/645" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1237.json b/1999/1xxx/CVE-1999-1237.json index 4b4c8e5f1d6..e6de25e731e 100644 --- a/1999/1xxx/CVE-1999-1237.json +++ b/1999/1xxx/CVE-1999-1237.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1237", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1237", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990606 Buffer overflows in smbval library", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/14384" - }, - { - "name" : "smbvalid-bo(2272)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/2272" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in smbvalid/smbval SMB authentication library, as used in Apache::AuthenSmb and possibly other modules, allows remote attackers to execute arbitrary commands via (1) a long username, (2) a long password, and (3) other unspecified methods." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990606 Buffer overflows in smbval library", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/14384" + }, + { + "name": "smbvalid-bo(2272)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/2272" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1228.json b/2000/1xxx/CVE-2000-1228.json index a66da8ec37f..c3717530355 100644 --- a/2000/1xxx/CVE-2000-1228.json +++ b/2000/1xxx/CVE-2000-1228.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1228", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1228", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000106 Phorum 3.0.7 exploits and IDS signatures", - "refsource" : "BUGTRAQ", - "url" : "http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html" - }, - { - "name" : "http://hispahack.ccc.de/mi020.html", - "refsource" : "MISC", - "url" : "http://hispahack.ccc.de/mi020.html" - }, - { - "name" : "http://www.digitalsec.net/stuff/z-mirrors/hispahack/mi020.htm", - "refsource" : "MISC", - "url" : "http://www.digitalsec.net/stuff/z-mirrors/hispahack/mi020.htm" - }, - { - "name" : "2271", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/2271" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2271", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/2271" + }, + { + "name": "http://www.digitalsec.net/stuff/z-mirrors/hispahack/mi020.htm", + "refsource": "MISC", + "url": "http://www.digitalsec.net/stuff/z-mirrors/hispahack/mi020.htm" + }, + { + "name": "20000106 Phorum 3.0.7 exploits and IDS signatures", + "refsource": "BUGTRAQ", + "url": "http://cert.uni-stuttgart.de/archive/bugtraq/2000/01/msg00215.html" + }, + { + "name": "http://hispahack.ccc.de/mi020.html", + "refsource": "MISC", + "url": "http://hispahack.ccc.de/mi020.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2240.json b/2005/2xxx/CVE-2005-2240.json index 38826ffcae7..bfb6cbd09d3 100644 --- a/2005/2xxx/CVE-2005-2240.json +++ b/2005/2xxx/CVE-2005-2240.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2240", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "xpvm.tcl in xpvm 1.2.5 allows local users to overwrite arbitrary files via a symlink attack on the xpvm.trace.$user temporary file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2240", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zataz.net/adviso/xpvm-06272005.txt", - "refsource" : "MISC", - "url" : "http://www.zataz.net/adviso/xpvm-06272005.txt" - }, - { - "name" : "DSA-1003", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2006/dsa-1003" - }, - { - "name" : "14228", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14228" - }, - { - "name" : "16040", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16040" - }, - { - "name" : "19251", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "xpvm.tcl in xpvm 1.2.5 allows local users to overwrite arbitrary files via a symlink attack on the xpvm.trace.$user temporary file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16040", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16040" + }, + { + "name": "14228", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14228" + }, + { + "name": "DSA-1003", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2006/dsa-1003" + }, + { + "name": "http://www.zataz.net/adviso/xpvm-06272005.txt", + "refsource": "MISC", + "url": "http://www.zataz.net/adviso/xpvm-06272005.txt" + }, + { + "name": "19251", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19251" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2501.json b/2005/2xxx/CVE-2005-2501.json index 3bf34f0fffd..d682449b531 100644 --- a/2005/2xxx/CVE-2005-2501.json +++ b/2005/2xxx/CVE-2005-2501.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2501", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2501", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "APPLE-SA-2005-08-15", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" - }, - { - "name" : "APPLE-SA-2005-08-17", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" - }, - { - "name" : "TA05-229A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA05-229A.html" - }, - { - "name" : "VU#435188", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/435188" - }, - { - "name" : "1014695", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014695" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2 allows external user-assisted attackers to execute arbitrary code via a crafted Rich Text Format (RTF) file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1014695", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014695" + }, + { + "name": "TA05-229A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA05-229A.html" + }, + { + "name": "APPLE-SA-2005-08-15", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html" + }, + { + "name": "VU#435188", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/435188" + }, + { + "name": "APPLE-SA-2005-08-17", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2708.json b/2005/2xxx/CVE-2005-2708.json index 7b01d9d228b..2259906a114 100644 --- a/2005/2xxx/CVE-2005-2708.json +++ b/2005/2xxx/CVE-2005-2708.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2708", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as demonstrated by running a process using the bash ulimit -v command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2005-2708", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161925", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161925" - }, - { - "name" : "FLSA:157459-1", - "refsource" : "FEDORA", - "url" : "http://www.securityfocus.com/archive/1/428028/100/0/threaded" - }, - { - "name" : "FLSA:157459-2", - "refsource" : "FEDORA", - "url" : "http://www.securityfocus.com/archive/1/428058/100/0/threaded" - }, - { - "name" : "RHSA-2006:0140", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0140.html" - }, - { - "name" : "RHSA-2006:0190", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0190.html" - }, - { - "name" : "16320", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16320" - }, - { - "name" : "oval:org.mitre.oval:def:10649", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10649" - }, - { - "name" : "18523", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18523" - }, - { - "name" : "18562", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18562" - }, - { - "name" : "18684", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18684" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The search_binary_handler function in exec.c in Linux 2.4 kernel on 64-bit x86 architectures does not check a return code for a particular function call when virtual memory is low, which allows local users to cause a denial of service (panic), as demonstrated by running a process using the bash ulimit -v command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2006:0140", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0140.html" + }, + { + "name": "18684", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18684" + }, + { + "name": "16320", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16320" + }, + { + "name": "oval:org.mitre.oval:def:10649", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10649" + }, + { + "name": "FLSA:157459-2", + "refsource": "FEDORA", + "url": "http://www.securityfocus.com/archive/1/428058/100/0/threaded" + }, + { + "name": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161925", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161925" + }, + { + "name": "18523", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18523" + }, + { + "name": "RHSA-2006:0190", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0190.html" + }, + { + "name": "FLSA:157459-1", + "refsource": "FEDORA", + "url": "http://www.securityfocus.com/archive/1/428028/100/0/threaded" + }, + { + "name": "18562", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18562" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1670.json b/2007/1xxx/CVE-2007-1670.json index eb1d84e786f..b8ce61fb527 100644 --- a/2007/1xxx/CVE-2007-1670.json +++ b/2007/1xxx/CVE-2007-1670.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1670", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1670", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070504 Multiple vendors ZOO file decompression infinite loop DoS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/467646/100/0/threaded" - }, - { - "name" : "23823", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23823" - }, - { - "name" : "35845", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35845" - }, - { - "name" : "ADV-2007-1700", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1700" - }, - { - "name" : "25152", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25152" - }, - { - "name" : "multiple-vendor-zoo-dos(34080)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Panda Software Antivirus before 20070402 allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "multiple-vendor-zoo-dos(34080)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34080" + }, + { + "name": "25152", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25152" + }, + { + "name": "23823", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23823" + }, + { + "name": "ADV-2007-1700", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1700" + }, + { + "name": "20070504 Multiple vendors ZOO file decompression infinite loop DoS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/467646/100/0/threaded" + }, + { + "name": "35845", + "refsource": "OSVDB", + "url": "http://osvdb.org/35845" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1841.json b/2007/1xxx/CVE-2007-1841.json index f49f30995dd..d3ccf88792d 100644 --- a/2007/1xxx/CVE-2007-1841.json +++ b/2007/1xxx/CVE-2007-1841.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1841", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The isakmp_info_recv function in src/racoon/isakmp_inf.c in racoon in Ipsec-tools before 0.6.7 allows remote attackers to cause a denial of service (tunnel crash) via crafted (1) DELETE (ISAKMP_NPTYPE_D) and (2) NOTIFY (ISAKMP_NPTYPE_N) messages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1841", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[Ipsec-tools-devel] 20070406 Ipsec-tools 0.6.7 released", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/mailarchive/message.php?msg_name=20070406123739.GA1546%40zen.inc" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=499192&group_id=74601", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=499192&group_id=74601" - }, - { - "name" : "DSA-1299", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1299" - }, - { - "name" : "GLSA-200705-09", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200705-09.xml" - }, - { - "name" : "MDKSA-2007:084", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:084" - }, - { - "name" : "RHSA-2007:0342", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2007-0342.html" - }, - { - "name" : "SUSE-SR:2007:008", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_8_sr.html" - }, - { - "name" : "USN-450-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-450-1" - }, - { - "name" : "23394", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23394" - }, - { - "name" : "oval:org.mitre.oval:def:10504", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10504" - }, - { - "name" : "ADV-2007-1310", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1310" - }, - { - "name" : "1018086", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018086" - }, - { - "name" : "24815", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24815" - }, - { - "name" : "24833", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24833" - }, - { - "name" : "24826", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24826" - }, - { - "name" : "25072", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25072" - }, - { - "name" : "25142", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25142" - }, - { - "name" : "25322", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25322" - }, - { - "name" : "25560", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25560" - }, - { - "name" : "ipsectools-isakmpinforecv-dos(33541)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33541" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The isakmp_info_recv function in src/racoon/isakmp_inf.c in racoon in Ipsec-tools before 0.6.7 allows remote attackers to cause a denial of service (tunnel crash) via crafted (1) DELETE (ISAKMP_NPTYPE_D) and (2) NOTIFY (ISAKMP_NPTYPE_N) messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:10504", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10504" + }, + { + "name": "GLSA-200705-09", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200705-09.xml" + }, + { + "name": "23394", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23394" + }, + { + "name": "ADV-2007-1310", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1310" + }, + { + "name": "25322", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25322" + }, + { + "name": "USN-450-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-450-1" + }, + { + "name": "24826", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24826" + }, + { + "name": "MDKSA-2007:084", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:084" + }, + { + "name": "ipsectools-isakmpinforecv-dos(33541)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33541" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=499192&group_id=74601", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=499192&group_id=74601" + }, + { + "name": "24815", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24815" + }, + { + "name": "1018086", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018086" + }, + { + "name": "[Ipsec-tools-devel] 20070406 Ipsec-tools 0.6.7 released", + "refsource": "MLIST", + "url": "http://sourceforge.net/mailarchive/message.php?msg_name=20070406123739.GA1546%40zen.inc" + }, + { + "name": "25560", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25560" + }, + { + "name": "SUSE-SR:2007:008", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_8_sr.html" + }, + { + "name": "24833", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24833" + }, + { + "name": "DSA-1299", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1299" + }, + { + "name": "RHSA-2007:0342", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2007-0342.html" + }, + { + "name": "25072", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25072" + }, + { + "name": "25142", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25142" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5441.json b/2007/5xxx/CVE-2007-5441.json index 91a9dc7ba3f..f8468d0202c 100644 --- a/2007/5xxx/CVE-2007-5441.json +++ b/2007/5xxx/CVE-2007-5441.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5441", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CMS Made Simple 1.1.3.1 does not check the permissions assigned to users in some situations, which allows remote authenticated users to perform some administrative actions, as demonstrated by (1) adding a user via a direct request to admin/adduser.php and (2) reading the admin log via an \"admin/adminlog.php?page=1\" request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5441", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071010 Several vulnerabilities in CMS Made Simple 1.1.3.1", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481984/100/0/threaded" - }, - { - "name" : "http://blog.cmsmadesimple.org/2007/10/07/announcing-cms-made-simple-1141/", - "refsource" : "CONFIRM", - "url" : "http://blog.cmsmadesimple.org/2007/10/07/announcing-cms-made-simple-1141/" - }, - { - "name" : "45481", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45481" - }, - { - "name" : "3223", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3223" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CMS Made Simple 1.1.3.1 does not check the permissions assigned to users in some situations, which allows remote authenticated users to perform some administrative actions, as demonstrated by (1) adding a user via a direct request to admin/adduser.php and (2) reading the admin log via an \"admin/adminlog.php?page=1\" request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071010 Several vulnerabilities in CMS Made Simple 1.1.3.1", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481984/100/0/threaded" + }, + { + "name": "45481", + "refsource": "OSVDB", + "url": "http://osvdb.org/45481" + }, + { + "name": "http://blog.cmsmadesimple.org/2007/10/07/announcing-cms-made-simple-1141/", + "refsource": "CONFIRM", + "url": "http://blog.cmsmadesimple.org/2007/10/07/announcing-cms-made-simple-1141/" + }, + { + "name": "3223", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3223" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5976.json b/2007/5xxx/CVE-2007-5976.json index 5bc0ebabbab..a22ae121478 100644 --- a/2007/5xxx/CVE-2007-5976.json +++ b/2007/5xxx/CVE-2007-5976.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5976", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5976", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.digitrustgroup.com/advisories/tdg-advisory071108a.html", - "refsource" : "MISC", - "url" : "http://www.digitrustgroup.com/advisories/tdg-advisory071108a.html" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=553333", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=553333" - }, - { - "name" : "FEDORA-2007-3666", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00777.html" - }, - { - "name" : "MDKSA-2007:229", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:229" - }, - { - "name" : "26512", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26512" - }, - { - "name" : "ADV-2007-3824", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3824" - }, - { - "name" : "27630", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27630" - }, - { - "name" : "27753", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27753" - }, - { - "name" : "phpmyadmin-dbcreate-sql-injection(38403)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38403" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27630", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27630" + }, + { + "name": "26512", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26512" + }, + { + "name": "ADV-2007-3824", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3824" + }, + { + "name": "27753", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27753" + }, + { + "name": "phpmyadmin-dbcreate-sql-injection(38403)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38403" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=553333", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=553333" + }, + { + "name": "http://www.digitrustgroup.com/advisories/tdg-advisory071108a.html", + "refsource": "MISC", + "url": "http://www.digitrustgroup.com/advisories/tdg-advisory071108a.html" + }, + { + "name": "FEDORA-2007-3666", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00777.html" + }, + { + "name": "MDKSA-2007:229", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:229" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2477.json b/2009/2xxx/CVE-2009-2477.json index 9278058f9a5..23059666772 100644 --- a/2009/2xxx/CVE-2009-2477.json +++ b/2009/2xxx/CVE-2009-2477.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2477", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2477", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40936", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40936/" - }, - { - "name" : "9137", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9137" - }, - { - "name" : "9181", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9181" - }, - { - "name" : "http://isc.sans.org/diary.html?storyid=6796", - "refsource" : "MISC", - "url" : "http://isc.sans.org/diary.html?storyid=6796" - }, - { - "name" : "http://www.h-online.com/security/First-Zero-Day-Exploit-for-Firefox-3-5--/news/113761", - "refsource" : "MISC", - "url" : "http://www.h-online.com/security/First-Zero-Day-Exploit-for-Firefox-3-5--/news/113761" - }, - { - "name" : "http://voices.washingtonpost.com/securityfix/2009/07/stopgap_fix_for_critical_firef.html", - "refsource" : "MISC", - "url" : "http://voices.washingtonpost.com/securityfix/2009/07/stopgap_fix_for_critical_firef.html" - }, - { - "name" : "http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/", - "refsource" : "CONFIRM", - "url" : "http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=503286", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=503286" - }, - { - "name" : "http://www.mozilla.org/security/announce/2009/mfsa2009-41.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2009/mfsa2009-41.html" - }, - { - "name" : "FEDORA-2009-7898", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00909.html" - }, - { - "name" : "266148", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1" - }, - { - "name" : "VU#443060", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/443060" - }, - { - "name" : "35660", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35660" - }, - { - "name" : "35798", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35798" - }, - { - "name" : "ADV-2009-1868", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1868" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "js/src/jstracer.cpp in the Just-in-time (JIT) JavaScript compiler (aka TraceMonkey) in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by a document containing P and FONT elements." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=503286", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=503286" + }, + { + "name": "VU#443060", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/443060" + }, + { + "name": "FEDORA-2009-7898", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2009-July/msg00909.html" + }, + { + "name": "40936", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40936/" + }, + { + "name": "http://voices.washingtonpost.com/securityfix/2009/07/stopgap_fix_for_critical_firef.html", + "refsource": "MISC", + "url": "http://voices.washingtonpost.com/securityfix/2009/07/stopgap_fix_for_critical_firef.html" + }, + { + "name": "http://isc.sans.org/diary.html?storyid=6796", + "refsource": "MISC", + "url": "http://isc.sans.org/diary.html?storyid=6796" + }, + { + "name": "266148", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-266148-1" + }, + { + "name": "35660", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35660" + }, + { + "name": "9181", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9181" + }, + { + "name": "35798", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35798" + }, + { + "name": "http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/", + "refsource": "CONFIRM", + "url": "http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/" + }, + { + "name": "ADV-2009-1868", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1868" + }, + { + "name": "9137", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9137" + }, + { + "name": "http://www.h-online.com/security/First-Zero-Day-Exploit-for-Firefox-3-5--/news/113761", + "refsource": "MISC", + "url": "http://www.h-online.com/security/First-Zero-Day-Exploit-for-Firefox-3-5--/news/113761" + }, + { + "name": "http://www.mozilla.org/security/announce/2009/mfsa2009-41.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2009/mfsa2009-41.html" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2859.json b/2009/2xxx/CVE-2009-2859.json index d612bc05bfb..e206a7c6b4e 100644 --- a/2009/2xxx/CVE-2009-2859.json +++ b/2009/2xxx/CVE-2009-2859.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2859", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM DB2 8.1 before FP18 allows attackers to obtain unspecified access via a das command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2859", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24024075", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24024075" - }, - { - "name" : "IZ34149", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ34149" - }, - { - "name" : "36313", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36313" - }, - { - "name" : "ADV-2009-2293", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2293" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM DB2 8.1 before FP18 allows attackers to obtain unspecified access via a das command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT", + "refsource": "CONFIRM", + "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT" + }, + { + "name": "IZ34149", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ34149" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24024075", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24024075" + }, + { + "name": "36313", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36313" + }, + { + "name": "ADV-2009-2293", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2293" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0679.json b/2015/0xxx/CVE-2015-0679.json index 34a3257efbe..e2f70bc8b7a 100644 --- a/2015/0xxx/CVE-2015-0679.json +++ b/2015/0xxx/CVE-2015-0679.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0679", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-0679", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150326 Cisco Wireless LAN Controller Task Name aaaQueueReader Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=38076" - }, - { - "name" : "1031990", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031990" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7.4(110.0) allows remote attackers to cause a denial of service (device reload) via a malformed password, aka Bug ID CSCui57980." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1031990", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031990" + }, + { + "name": "20150326 Cisco Wireless LAN Controller Task Name aaaQueueReader Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38076" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3031.json b/2015/3xxx/CVE-2015-3031.json index c7b20c232d9..28b35bd897b 100644 --- a/2015/3xxx/CVE-2015-3031.json +++ b/2015/3xxx/CVE-2015-3031.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3031", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3031", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3278.json b/2015/3xxx/CVE-2015-3278.json index fdf71e2ad33..6afbe89c423 100644 --- a/2015/3xxx/CVE-2015-3278.json +++ b/2015/3xxx/CVE-2015-3278.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3278", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The cipherstring parsing code in nss_compat_ossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3278", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1238326", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1238326" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The cipherstring parsing code in nss_compat_ossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1238326", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1238326" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3328.json b/2015/3xxx/CVE-2015-3328.json index 5d6f17e87fe..e381a08be1d 100644 --- a/2015/3xxx/CVE-2015-3328.json +++ b/2015/3xxx/CVE-2015-3328.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3328", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3328", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3714.json b/2015/3xxx/CVE-2015-3714.json index 7d77fcdfd6b..5259d8c6443 100644 --- a/2015/3xxx/CVE-2015-3714.json +++ b/2015/3xxx/CVE-2015-3714.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3714", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apple OS X before 10.10.4 does not properly consider custom resource rules during app signature verification, which allows attackers to bypass intended launch restrictions via a modified app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3714", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT204942", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT204942" - }, - { - "name" : "APPLE-SA-2015-06-30-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" - }, - { - "name" : "75493", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75493" - }, - { - "name" : "1032760", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032760" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apple OS X before 10.10.4 does not properly consider custom resource rules during app signature verification, which allows attackers to bypass intended launch restrictions via a modified app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-06-30-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html" + }, + { + "name": "75493", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75493" + }, + { + "name": "1032760", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032760" + }, + { + "name": "http://support.apple.com/kb/HT204942", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT204942" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4086.json b/2015/4xxx/CVE-2015-4086.json index 0e25bf1fdc5..63b0b8acd02 100644 --- a/2015/4xxx/CVE-2015-4086.json +++ b/2015/4xxx/CVE-2015-4086.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4086", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4086", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4220.json b/2015/4xxx/CVE-2015-4220.json index d2940c7d292..40740fc55db 100644 --- a/2015/4xxx/CVE-2015-4220.json +++ b/2015/4xxx/CVE-2015-4220.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4220", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Server 9.1(1) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq03773." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4220", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150624 Cisco Unified Presence Server Cross-Site Scripting Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=39504" - }, - { - "name" : "75407", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75407" - }, - { - "name" : "1032717", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032717" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Server 9.1(1) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq03773." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "75407", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75407" + }, + { + "name": "1032717", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032717" + }, + { + "name": "20150624 Cisco Unified Presence Server Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=39504" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4757.json b/2015/4xxx/CVE-2015-4757.json index 69efe574c9f..7cf6e63682b 100644 --- a/2015/4xxx/CVE-2015-4757.json +++ b/2015/4xxx/CVE-2015-4757.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4757", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4757", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "DSA-3311", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3311" - }, - { - "name" : "GLSA-201610-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-06" - }, - { - "name" : "RHSA-2015:1630", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1630.html" - }, - { - "name" : "RHSA-2015:1629", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1629.html" - }, - { - "name" : "RHSA-2015:1628", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1628.html" - }, - { - "name" : "RHSA-2015:1646", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1646.html" - }, - { - "name" : "RHSA-2015:1647", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1647.html" - }, - { - "name" : "RHSA-2015:1665", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1665.html" - }, - { - "name" : "openSUSE-SU-2015:1629", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html" - }, - { - "name" : "USN-2674-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2674-1" - }, - { - "name" : "75759", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75759" - }, - { - "name" : "1032911", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032911" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Optimizer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "1032911", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032911" + }, + { + "name": "RHSA-2015:1646", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1646.html" + }, + { + "name": "openSUSE-SU-2015:1629", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html" + }, + { + "name": "75759", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75759" + }, + { + "name": "DSA-3311", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3311" + }, + { + "name": "RHSA-2015:1647", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html" + }, + { + "name": "RHSA-2015:1628", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html" + }, + { + "name": "USN-2674-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2674-1" + }, + { + "name": "GLSA-201610-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-06" + }, + { + "name": "RHSA-2015:1630", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1630.html" + }, + { + "name": "RHSA-2015:1629", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html" + }, + { + "name": "RHSA-2015:1665", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8035.json b/2015/8xxx/CVE-2015-8035.json index 127528fd433..feeb59ac447 100644 --- a/2015/8xxx/CVE-2015-8035.json +++ b/2015/8xxx/CVE-2015-8035.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8035", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8035", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151102 CVE request: DoS in libxml2 if xz is enabled", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/02/2" - }, - { - "name" : "[oss-security] 20151102 Re: CVE request: DoS in libxml2 if xz is enabled", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/02/4" - }, - { - "name" : "[oss-security] 20151103 Re: CVE request: DoS in libxml2 if xz is enabled", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/03/1" - }, - { - "name" : "https://bugzilla.gnome.org/show_bug.cgi?id=757466", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.gnome.org/show_bug.cgi?id=757466" - }, - { - "name" : "http://xmlsoft.org/news.html", - "refsource" : "CONFIRM", - "url" : "http://xmlsoft.org/news.html" - }, - { - "name" : "https://support.apple.com/HT206166", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206166" - }, - { - "name" : "https://support.apple.com/HT206167", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206167" - }, - { - "name" : "https://support.apple.com/HT206168", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206168" - }, - { - "name" : "https://support.apple.com/HT206169", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206169" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" - }, - { - "name" : "APPLE-SA-2016-03-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" - }, - { - "name" : "APPLE-SA-2016-03-21-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" - }, - { - "name" : "APPLE-SA-2016-03-21-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-03-21-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" - }, - { - "name" : "DSA-3430", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3430" - }, - { - "name" : "FEDORA-2016-189a7bf68c", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html" - }, - { - "name" : "FEDORA-2016-a9ee80b01d", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html" - }, - { - "name" : "GLSA-201701-37", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-37" - }, - { - "name" : "RHSA-2016:1089", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1089.html" - }, - { - "name" : "openSUSE-SU-2015:2372", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" - }, - { - "name" : "openSUSE-SU-2016:0106", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" - }, - { - "name" : "USN-2812-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2812-1" - }, - { - "name" : "77390", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77390" - }, - { - "name" : "1034243", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034243" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-03-21-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" + }, + { + "name": "openSUSE-SU-2016:0106", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00031.html" + }, + { + "name": "https://support.apple.com/HT206167", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206167" + }, + { + "name": "https://support.apple.com/HT206168", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206168" + }, + { + "name": "DSA-3430", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3430" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017" + }, + { + "name": "[oss-security] 20151102 CVE request: DoS in libxml2 if xz is enabled", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/02/2" + }, + { + "name": "APPLE-SA-2016-03-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html" + }, + { + "name": "http://xmlsoft.org/news.html", + "refsource": "CONFIRM", + "url": "http://xmlsoft.org/news.html" + }, + { + "name": "FEDORA-2016-a9ee80b01d", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177381.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380" + }, + { + "name": "RHSA-2016:1089", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1089.html" + }, + { + "name": "APPLE-SA-2016-03-21-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html" + }, + { + "name": "1034243", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034243" + }, + { + "name": "USN-2812-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2812-1" + }, + { + "name": "[oss-security] 20151102 Re: CVE request: DoS in libxml2 if xz is enabled", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/02/4" + }, + { + "name": "FEDORA-2016-189a7bf68c", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177341.html" + }, + { + "name": "[oss-security] 20151103 Re: CVE request: DoS in libxml2 if xz is enabled", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/03/1" + }, + { + "name": "GLSA-201701-37", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-37" + }, + { + "name": "77390", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77390" + }, + { + "name": "openSUSE-SU-2015:2372", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00120.html" + }, + { + "name": "APPLE-SA-2016-03-21-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00002.html" + }, + { + "name": "https://support.apple.com/HT206169", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206169" + }, + { + "name": "https://support.apple.com/HT206166", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206166" + }, + { + "name": "https://bugzilla.gnome.org/show_bug.cgi?id=757466", + "refsource": "CONFIRM", + "url": "https://bugzilla.gnome.org/show_bug.cgi?id=757466" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8257.json b/2015/8xxx/CVE-2015-8257.json index c2678b5031f..52bd316210f 100644 --- a/2015/8xxx/CVE-2015-8257.json +++ b/2015/8xxx/CVE-2015-8257.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8257", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-8257", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40171", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40171/" - }, - { - "name" : "http://packetstormsecurity.com/files/138083/AXIS-Authenticated-Remote-Command-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/138083/AXIS-Authenticated-Remote-Command-Execution.html" - }, - { - "name" : "92159", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92159" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrary commands via shell metacharacters in the app parameter to (1) app_license.shtml, (2) app_license_custom.shtml, (3) app_index.shtml, or (4) app_params.shtml." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/138083/AXIS-Authenticated-Remote-Command-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/138083/AXIS-Authenticated-Remote-Command-Execution.html" + }, + { + "name": "92159", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92159" + }, + { + "name": "40171", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40171/" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8288.json b/2015/8xxx/CVE-2015-8288.json index d44ad82222e..7fb6401f33c 100644 --- a/2015/8xxx/CVE-2015-8288.json +++ b/2015/8xxx/CVE-2015-8288.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8288", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-8288", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://kb.netgear.com/app/answers/detail/a_id/30560", - "refsource" : "CONFIRM", - "url" : "http://kb.netgear.com/app/answers/detail/a_id/30560" - }, - { - "name" : "VU#778696", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/778696" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier use the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#778696", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/778696" + }, + { + "name": "http://kb.netgear.com/app/answers/detail/a_id/30560", + "refsource": "CONFIRM", + "url": "http://kb.netgear.com/app/answers/detail/a_id/30560" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8712.json b/2015/8xxx/CVE-2015-8712.json index b0312f1b2fe..d53df22ac56 100644 --- a/2015/8xxx/CVE-2015-8712.json +++ b/2015/8xxx/CVE-2015-8712.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8712", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8712", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-32.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-32.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ae329a47b7f0ac94089c23e79c6b8bc18ba80ea", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ae329a47b7f0ac94089c23e79c6b8bc18ba80ea" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" - }, - { - "name" : "DSA-3505", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3505" - }, - { - "name" : "GLSA-201604-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-05" - }, - { - "name" : "79816", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79816" - }, - { - "name" : "1034551", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034551" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-32.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-32.html" + }, + { + "name": "DSA-3505", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3505" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ae329a47b7f0ac94089c23e79c6b8bc18ba80ea", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ae329a47b7f0ac94089c23e79c6b8bc18ba80ea" + }, + { + "name": "79816", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79816" + }, + { + "name": "GLSA-201604-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-05" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602" + }, + { + "name": "1034551", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034551" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8755.json b/2015/8xxx/CVE-2015-8755.json index 4d3d1f9c295..be493fbeb31 100644 --- a/2015/8xxx/CVE-2015-8755.json +++ b/2015/8xxx/CVE-2015-8755.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8755", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8755", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/" - }, - { - "name" : "79236", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79236" - }, - { - "name" : "1034483", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034483" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web script or HTML via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034483", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034483" + }, + { + "name": "79236", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79236" + }, + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2015-011/" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9079.json b/2015/9xxx/CVE-2015-9079.json index 92d51eb85c9..cec0aed9754 100644 --- a/2015/9xxx/CVE-2015-9079.json +++ b/2015/9xxx/CVE-2015-9079.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-9079", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9079", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1875.json b/2016/1xxx/CVE-2016-1875.json index aa3823ac13f..7218ceae519 100644 --- a/2016/1xxx/CVE-2016-1875.json +++ b/2016/1xxx/CVE-2016-1875.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1875", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1875", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5097.json b/2016/5xxx/CVE-2016-5097.json index 8bfaef56b53..425dc7864e2 100644 --- a/2016/5xxx/CVE-2016-5097.json +++ b/2016/5xxx/CVE-2016-5097.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5097", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5097", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/11eb574242d2526107366d367ab5585fbe29578f", - "refsource" : "CONFIRM", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/11eb574242d2526107366d367ab5585fbe29578f" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/59e56bd63a5e023b797d82eb272cd074e3b4bfd1", - "refsource" : "CONFIRM", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/59e56bd63a5e023b797d82eb272cd074e3b4bfd1" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/5fc8020c5ba9cd2e38beb5dfe013faf2103cdf0f", - "refsource" : "CONFIRM", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/5fc8020c5ba9cd2e38beb5dfe013faf2103cdf0f" - }, - { - "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/8326aaebe54083d9726e153abdd303a141fe5ad3", - "refsource" : "CONFIRM", - "url" : "https://github.com/phpmyadmin/phpmyadmin/commit/8326aaebe54083d9726e153abdd303a141fe5ad3" - }, - { - "name" : "https://www.phpmyadmin.net/security/PMASA-2016-14", - "refsource" : "CONFIRM", - "url" : "https://www.phpmyadmin.net/security/PMASA-2016-14" - }, - { - "name" : "GLSA-201701-32", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-32" - }, - { - "name" : "openSUSE-SU-2016:1556", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00043.html" - }, - { - "name" : "1035978", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035978" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "phpMyAdmin before 4.6.2 places tokens in query strings and does not arrange for them to be stripped before external navigation, which allows remote attackers to obtain sensitive information by reading (1) HTTP requests or (2) server logs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/8326aaebe54083d9726e153abdd303a141fe5ad3", + "refsource": "CONFIRM", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/8326aaebe54083d9726e153abdd303a141fe5ad3" + }, + { + "name": "https://www.phpmyadmin.net/security/PMASA-2016-14", + "refsource": "CONFIRM", + "url": "https://www.phpmyadmin.net/security/PMASA-2016-14" + }, + { + "name": "openSUSE-SU-2016:1556", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00043.html" + }, + { + "name": "1035978", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035978" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/59e56bd63a5e023b797d82eb272cd074e3b4bfd1", + "refsource": "CONFIRM", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/59e56bd63a5e023b797d82eb272cd074e3b4bfd1" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/11eb574242d2526107366d367ab5585fbe29578f", + "refsource": "CONFIRM", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/11eb574242d2526107366d367ab5585fbe29578f" + }, + { + "name": "https://github.com/phpmyadmin/phpmyadmin/commit/5fc8020c5ba9cd2e38beb5dfe013faf2103cdf0f", + "refsource": "CONFIRM", + "url": "https://github.com/phpmyadmin/phpmyadmin/commit/5fc8020c5ba9cd2e38beb5dfe013faf2103cdf0f" + }, + { + "name": "GLSA-201701-32", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-32" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5274.json b/2016/5xxx/CVE-2016-5274.json index 8e2017bf650..4c2a790e572 100644 --- a/2016/5xxx/CVE-2016-5274.json +++ b/2016/5xxx/CVE-2016-5274.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5274", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-5274", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1282076", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1282076" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-86/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-86/" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-88/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-88/" - }, - { - "name" : "DSA-3674", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3674" - }, - { - "name" : "GLSA-201701-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-15" - }, - { - "name" : "RHSA-2016:1912", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1912.html" - }, - { - "name" : "93049", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93049" - }, - { - "name" : "1036852", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036852" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1282076", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1282076" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-85.html" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-86/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-86/" + }, + { + "name": "DSA-3674", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3674" + }, + { + "name": "GLSA-201701-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-15" + }, + { + "name": "RHSA-2016:1912", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1912.html" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-88/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-88/" + }, + { + "name": "93049", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93049" + }, + { + "name": "1036852", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036852" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5340.json b/2016/5xxx/CVE-2016-5340.json index 4d9cb32a062..6cea770c939 100644 --- a/2016/5xxx/CVE-2016-5340.json +++ b/2016/5xxx/CVE-2016-5340.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5340", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5340", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6" - }, - { - "name" : "https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340", - "refsource" : "CONFIRM", - "url" : "https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340" - }, - { - "name" : "http://source.android.com/security/bulletin/2016-10-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-10-01.html" - }, - { - "name" : "92374", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92374" - }, - { - "name" : "1036763", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036763" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340", + "refsource": "CONFIRM", + "url": "https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340" + }, + { + "name": "92374", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92374" + }, + { + "name": "http://source.android.com/security/bulletin/2016-10-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-10-01.html" + }, + { + "name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6" + }, + { + "name": "1036763", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036763" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5512.json b/2016/5xxx/CVE-2016-5512.json index a4b87e5b071..7d45075427f 100644 --- a/2016/5xxx/CVE-2016-5512.json +++ b/2016/5xxx/CVE-2016-5512.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5512", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5521." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5512", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93660", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93660" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-5521." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93660", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93660" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5779.json b/2016/5xxx/CVE-2016-5779.json index 66fb579d225..7235cc16bef 100644 --- a/2016/5xxx/CVE-2016-5779.json +++ b/2016/5xxx/CVE-2016-5779.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5779", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5779", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2056.json b/2018/2xxx/CVE-2018-2056.json index 86169279eb1..9293cee684f 100644 --- a/2018/2xxx/CVE-2018-2056.json +++ b/2018/2xxx/CVE-2018-2056.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2056", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2056", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2837.json b/2018/2xxx/CVE-2018-2837.json index 5eb355f6e29..b3683d9d122 100644 --- a/2018/2xxx/CVE-2018-2837.json +++ b/2018/2xxx/CVE-2018-2837.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2837", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "VM VirtualBox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "5.1.36" - }, - { - "version_affected" : "<", - "version_value" : "5.2.10" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2837", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "VM VirtualBox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.1.36" + }, + { + "version_affected": "<", + "version_value": "5.2.10" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "GLSA-201805-08", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201805-08" - }, - { - "name" : "103859", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103859" - }, - { - "name" : "1040707", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040707" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.1.36 and Prior to 5.2.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201805-08", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201805-08" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "1040707", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040707" + }, + { + "name": "103859", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103859" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6558.json b/2018/6xxx/CVE-2018-6558.json index f2e448a2a06..7aac424f125 100644 --- a/2018/6xxx/CVE-2018-6558.json +++ b/2018/6xxx/CVE-2018-6558.json @@ -1,81 +1,81 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@ubuntu.com", - "DATE_PUBLIC" : "2018-08-23T17:00:00.000Z", - "ID" : "CVE-2018-6558", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "fscrypt", - "version" : { - "version_data" : [ - { - "version_value" : "before 0.2.4" - } - ] - } - } - ] - }, - "vendor_name" : "The fscrypt Project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@ubuntu.com", + "DATE_PUBLIC": "2018-08-23T17:00:00.000Z", + "ID": "CVE-2018-6558", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "fscrypt", + "version": { + "version_data": [ + { + "version_value": "before 0.2.4" + } + ] + } + } + ] + }, + "vendor_name": "The fscrypt Project" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b", - "refsource" : "MISC", - "url" : "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b" - }, - { - "name" : "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66", - "refsource" : "MISC", - "url" : "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66" - }, - { - "name" : "https://github.com/google/fscrypt/issues/77", - "refsource" : "MISC", - "url" : "https://github.com/google/fscrypt/issues/77" - }, - { - "name" : "https://launchpad.net/bugs/1787548", - "refsource" : "MISC", - "url" : "https://launchpad.net/bugs/1787548" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a successful login through certain applications that use Linux-PAM (aka pam)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/google/fscrypt/issues/77", + "refsource": "MISC", + "url": "https://github.com/google/fscrypt/issues/77" + }, + { + "name": "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b", + "refsource": "MISC", + "url": "https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b" + }, + { + "name": "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66", + "refsource": "MISC", + "url": "https://github.com/google/fscrypt/commit/315f9b042237200174a1fb99427f74027e191d66" + }, + { + "name": "https://launchpad.net/bugs/1787548", + "refsource": "MISC", + "url": "https://launchpad.net/bugs/1787548" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6656.json b/2018/6xxx/CVE-2018-6656.json index 8654491e4dc..b9e69e980d7 100644 --- a/2018/6xxx/CVE-2018-6656.json +++ b/2018/6xxx/CVE-2018-6656.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6656", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Z-BlogPHP 1.5.1 has CSRF via zb_users/plugin/AppCentre/app_del.php, as demonstrated by deleting files and directories." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6656", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/zblogcn/zblogphp/commit/c51da34a27798b5fe6d1cb5133a15da6a6384e43", - "refsource" : "MISC", - "url" : "https://github.com/zblogcn/zblogphp/commit/c51da34a27798b5fe6d1cb5133a15da6a6384e43" - }, - { - "name" : "https://github.com/zblogcn/zblogphp/issues/175", - "refsource" : "MISC", - "url" : "https://github.com/zblogcn/zblogphp/issues/175" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Z-BlogPHP 1.5.1 has CSRF via zb_users/plugin/AppCentre/app_del.php, as demonstrated by deleting files and directories." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/zblogcn/zblogphp/commit/c51da34a27798b5fe6d1cb5133a15da6a6384e43", + "refsource": "MISC", + "url": "https://github.com/zblogcn/zblogphp/commit/c51da34a27798b5fe6d1cb5133a15da6a6384e43" + }, + { + "name": "https://github.com/zblogcn/zblogphp/issues/175", + "refsource": "MISC", + "url": "https://github.com/zblogcn/zblogphp/issues/175" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6837.json b/2018/6xxx/CVE-2018-6837.json index 7dbfd4acf89..b9ccbd4841e 100644 --- a/2018/6xxx/CVE-2018-6837.json +++ b/2018/6xxx/CVE-2018-6837.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6837", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6837", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0238.json b/2019/0xxx/CVE-2019-0238.json index b609e00d479..0445b983583 100644 --- a/2019/0xxx/CVE-2019-0238.json +++ b/2019/0xxx/CVE-2019-0238.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2019-0238", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP Commerce (ex. SAP Hybris Commerce)", - "version" : { - "version_data" : [ - { - "version_name" : "<", - "version_value" : "6.7" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP Commerce (previously known as SAP Hybris Commerce), before version 6.7, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2019-0238", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP Commerce (ex. SAP Hybris Commerce)", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "6.7" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2697573", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2697573" - }, - { - "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985", - "refsource" : "MISC", - "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985" - }, - { - "name" : "106462", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106462" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP Commerce (previously known as SAP Hybris Commerce), before version 6.7, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106462", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106462" + }, + { + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985", + "refsource": "MISC", + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985" + }, + { + "name": "https://launchpad.support.sap.com/#/notes/2697573", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2697573" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0488.json b/2019/0xxx/CVE-2019-0488.json index 942ef66cd30..33eb399d461 100644 --- a/2019/0xxx/CVE-2019-0488.json +++ b/2019/0xxx/CVE-2019-0488.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0488", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0488", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0741.json b/2019/0xxx/CVE-2019-0741.json index e868302f563..e0e456e1275 100644 --- a/2019/0xxx/CVE-2019-0741.json +++ b/2019/0xxx/CVE-2019-0741.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0741", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Java SDK for Azure IoT", - "version" : { - "version_data" : [ - { - "version_value" : "" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0741", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Java SDK for Azure IoT", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0741", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0741" - }, - { - "name" : "106971", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106971" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106971", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106971" + }, + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0741", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0741" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0840.json b/2019/0xxx/CVE-2019-0840.json index 0bc121f5ebc..d207d0ac3d9 100644 --- a/2019/0xxx/CVE-2019-0840.json +++ b/2019/0xxx/CVE-2019-0840.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0840", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0840", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1122.json b/2019/1xxx/CVE-2019-1122.json index da79abb6bc0..ded95c2ca6d 100644 --- a/2019/1xxx/CVE-2019-1122.json +++ b/2019/1xxx/CVE-2019-1122.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1122", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1122", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1328.json b/2019/1xxx/CVE-2019-1328.json index 69d01a02265..4070d4c392f 100644 --- a/2019/1xxx/CVE-2019-1328.json +++ b/2019/1xxx/CVE-2019-1328.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1328", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1328", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1399.json b/2019/1xxx/CVE-2019-1399.json index b34fec8b95d..5b3ff636f45 100644 --- a/2019/1xxx/CVE-2019-1399.json +++ b/2019/1xxx/CVE-2019-1399.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1399", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1399", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1407.json b/2019/1xxx/CVE-2019-1407.json index 5b7cae64eeb..da488b42901 100644 --- a/2019/1xxx/CVE-2019-1407.json +++ b/2019/1xxx/CVE-2019-1407.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1407", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1407", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1901.json b/2019/1xxx/CVE-2019-1901.json index 3b32639e86c..0dbda49220d 100644 --- a/2019/1xxx/CVE-2019-1901.json +++ b/2019/1xxx/CVE-2019-1901.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1901", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1901", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4804.json b/2019/4xxx/CVE-2019-4804.json index bb0f9f496ca..2c288335827 100644 --- a/2019/4xxx/CVE-2019-4804.json +++ b/2019/4xxx/CVE-2019-4804.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4804", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4804", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5549.json b/2019/5xxx/CVE-2019-5549.json index c54bcc0d359..ab5e6dcac42 100644 --- a/2019/5xxx/CVE-2019-5549.json +++ b/2019/5xxx/CVE-2019-5549.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5549", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5549", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5567.json b/2019/5xxx/CVE-2019-5567.json index 6082107e0af..cef862e569a 100644 --- a/2019/5xxx/CVE-2019-5567.json +++ b/2019/5xxx/CVE-2019-5567.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5567", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5567", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5594.json b/2019/5xxx/CVE-2019-5594.json index f336d1779b3..2bf796c3007 100644 --- a/2019/5xxx/CVE-2019-5594.json +++ b/2019/5xxx/CVE-2019-5594.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5594", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5594", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5646.json b/2019/5xxx/CVE-2019-5646.json index 6f1a7a7e214..ca79bb9ff47 100644 --- a/2019/5xxx/CVE-2019-5646.json +++ b/2019/5xxx/CVE-2019-5646.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5646", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5646", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file