From c8c69256d7e3da19472852bce8e127cf69cc0225 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:02:07 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0464.json | 220 ++++++++++----------- 2007/0xxx/CVE-2007-0893.json | 160 +++++++-------- 2007/1xxx/CVE-2007-1072.json | 160 +++++++-------- 2007/3xxx/CVE-2007-3688.json | 180 ++++++++--------- 2007/3xxx/CVE-2007-3703.json | 150 +++++++-------- 2007/3xxx/CVE-2007-3809.json | 150 +++++++-------- 2007/3xxx/CVE-2007-3944.json | 220 ++++++++++----------- 2007/4xxx/CVE-2007-4142.json | 180 ++++++++--------- 2007/4xxx/CVE-2007-4325.json | 170 ++++++++-------- 2007/4xxx/CVE-2007-4526.json | 180 ++++++++--------- 2007/4xxx/CVE-2007-4715.json | 210 ++++++++++---------- 2014/5xxx/CVE-2014-5072.json | 130 ++++++------- 2014/5xxx/CVE-2014-5289.json | 34 ++-- 2014/5xxx/CVE-2014-5296.json | 34 ++-- 2014/5xxx/CVE-2014-5647.json | 140 +++++++------- 2015/2xxx/CVE-2015-2132.json | 120 ++++++------ 2015/2xxx/CVE-2015-2174.json | 34 ++-- 2015/2xxx/CVE-2015-2440.json | 150 +++++++-------- 2015/2xxx/CVE-2015-2716.json | 300 ++++++++++++++--------------- 2015/6xxx/CVE-2015-6128.json | 150 +++++++-------- 2015/6xxx/CVE-2015-6590.json | 34 ++-- 2015/6xxx/CVE-2015-6732.json | 200 +++++++++---------- 2015/6xxx/CVE-2015-6907.json | 34 ++-- 2015/6xxx/CVE-2015-6961.json | 130 ++++++------- 2015/7xxx/CVE-2015-7154.json | 34 ++-- 2015/7xxx/CVE-2015-7364.json | 160 +++++++-------- 2015/7xxx/CVE-2015-7514.json | 150 +++++++-------- 2016/0xxx/CVE-2016-0547.json | 130 ++++++------- 2016/0xxx/CVE-2016-0944.json | 130 ++++++------- 2016/0xxx/CVE-2016-0966.json | 190 +++++++++--------- 2016/1000xxx/CVE-2016-1000155.json | 140 +++++++------- 2016/1000xxx/CVE-2016-1000177.json | 34 ++-- 2016/10xxx/CVE-2016-10099.json | 130 ++++++------- 2016/10xxx/CVE-2016-10445.json | 132 ++++++------- 2016/1xxx/CVE-2016-1381.json | 130 ++++++------- 2016/4xxx/CVE-2016-4107.json | 140 +++++++------- 2016/4xxx/CVE-2016-4615.json | 240 +++++++++++------------ 2016/9xxx/CVE-2016-9385.json | 160 +++++++-------- 2016/9xxx/CVE-2016-9551.json | 34 ++-- 2019/1003xxx/CVE-2019-1003038.json | 124 ++++++------ 2019/2xxx/CVE-2019-2460.json | 132 ++++++------- 2019/2xxx/CVE-2019-2754.json | 34 ++-- 2019/3xxx/CVE-2019-3069.json | 34 ++-- 2019/3xxx/CVE-2019-3169.json | 34 ++-- 2019/3xxx/CVE-2019-3860.json | 34 ++-- 2019/3xxx/CVE-2019-3917.json | 122 ++++++------ 2019/6xxx/CVE-2019-6260.json | 130 ++++++------- 2019/6xxx/CVE-2019-6624.json | 34 ++-- 2019/6xxx/CVE-2019-6672.json | 34 ++-- 2019/6xxx/CVE-2019-6708.json | 120 ++++++------ 2019/6xxx/CVE-2019-6992.json | 130 ++++++------- 2019/7xxx/CVE-2019-7828.json | 34 ++-- 2019/8xxx/CVE-2019-8041.json | 34 ++-- 2019/8xxx/CVE-2019-8150.json | 34 ++-- 2019/8xxx/CVE-2019-8323.json | 34 ++-- 2019/8xxx/CVE-2019-8788.json | 34 ++-- 2019/9xxx/CVE-2019-9084.json | 34 ++-- 2019/9xxx/CVE-2019-9173.json | 34 ++-- 2019/9xxx/CVE-2019-9251.json | 34 ++-- 2019/9xxx/CVE-2019-9510.json | 34 ++-- 60 files changed, 3336 insertions(+), 3336 deletions(-) diff --git a/2007/0xxx/CVE-2007-0464.json b/2007/0xxx/CVE-2007-0464.json index 3413b226292..e2faf1b7f33 100644 --- a/2007/0xxx/CVE-2007-0464.json +++ b/2007/0xxx/CVE-2007-0464.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0464", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0464", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3200", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3200" - }, - { - "name" : "http://projects.info-pull.com/moab/MOAB-25-01-2007.html", - "refsource" : "MISC", - "url" : "http://projects.info-pull.com/moab/MOAB-25-01-2007.html" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307041", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307041" - }, - { - "name" : "APPLE-SA-2007-11-14", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" - }, - { - "name" : "TA07-319A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" - }, - { - "name" : "22249", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22249" - }, - { - "name" : "26444", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26444" - }, - { - "name" : "ADV-2007-3868", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3868" - }, - { - "name" : "32704", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32704" - }, - { - "name" : "27643", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27643" - }, - { - "name" : "macos-cfnetwork-dos(31837)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31837" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The _CFNetConnectionWillEnqueueRequests function in CFNetwork 129.19 on Apple Mac OS X 10.4 through 10.4.10 allows remote attackers to cause a denial of service (application crash) via a crafted HTTP 301 response, which results in a NULL pointer dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26444", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26444" + }, + { + "name": "3200", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3200" + }, + { + "name": "APPLE-SA-2007-11-14", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Nov/msg00002.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307041", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307041" + }, + { + "name": "http://projects.info-pull.com/moab/MOAB-25-01-2007.html", + "refsource": "MISC", + "url": "http://projects.info-pull.com/moab/MOAB-25-01-2007.html" + }, + { + "name": "ADV-2007-3868", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3868" + }, + { + "name": "32704", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32704" + }, + { + "name": "27643", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27643" + }, + { + "name": "22249", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22249" + }, + { + "name": "TA07-319A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" + }, + { + "name": "macos-cfnetwork-dos(31837)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31837" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0893.json b/2007/0xxx/CVE-2007-0893.json index e867c4bc6b6..999c5fff04b 100644 --- a/2007/0xxx/CVE-2007-0893.json +++ b/2007/0xxx/CVE-2007-0893.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0893", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in phpMyVisites before 2.2 allows remote attackers to include arbitrary files via leading \"..\" sequences on the pmv_ck_view COOKIE parameter, which bypasses the protection scheme." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0893", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070211 Multiple vulnerabilities in phpMyVisites", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459792/100/0/threaded" - }, - { - "name" : "20070211 Multiple vulnerabilities in phpMyVisites", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=117121596803908&w=2" - }, - { - "name" : "22516", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22516" - }, - { - "name" : "33178", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33178" - }, - { - "name" : "phpmyvisites-pmvckview-file-include(32433)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32433" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in phpMyVisites before 2.2 allows remote attackers to include arbitrary files via leading \"..\" sequences on the pmv_ck_view COOKIE parameter, which bypasses the protection scheme." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070211 Multiple vulnerabilities in phpMyVisites", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=117121596803908&w=2" + }, + { + "name": "phpmyvisites-pmvckview-file-include(32433)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32433" + }, + { + "name": "20070211 Multiple vulnerabilities in phpMyVisites", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459792/100/0/threaded" + }, + { + "name": "22516", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22516" + }, + { + "name": "33178", + "refsource": "OSVDB", + "url": "http://osvdb.org/33178" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1072.json b/2007/1xxx/CVE-2007-1072.json index 2bcd203b996..57d15e6e79a 100644 --- a/2007/1xxx/CVE-2007-1072.json +++ b/2007/1xxx/CVE-2007-1072.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1072", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1072", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml" - }, - { - "name" : "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml" - }, - { - "name" : "22647", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22647" - }, - { - "name" : "33064", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33064" - }, - { - "name" : "24262", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24262" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The command line interface (CLI) in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier allows local users to obtain privileges or cause a denial of service via unspecified vectors. NOTE: this issue can be leveraged remotely via CVE-2007-1063." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070221 Identifying and Mitigating Exploitation of Cisco Unified IP Conference Station and IP Phone Vulnerabilities", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/cisco-air-20070221-phone.shtml" + }, + { + "name": "20070221 Cisco Unified IP Conference Station and IP Phone Vulnerabilities", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-phone.shtml" + }, + { + "name": "24262", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24262" + }, + { + "name": "22647", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22647" + }, + { + "name": "33064", + "refsource": "OSVDB", + "url": "http://osvdb.org/33064" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3688.json b/2007/3xxx/CVE-2007-3688.json index e5bc77ad252..34986bfd09d 100644 --- a/2007/3xxx/CVE-2007-3688.json +++ b/2007/3xxx/CVE-2007-3688.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3688", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear 1.2.6 allow remote attackers to perform actions as arbitrary users via the (1) tool_url parameter to ecrire/tools.php and multiple fields on the (2) blogconf, (3) blogroll, (4) ecrire/redacteur.php, and (5) ecrire/user_prefs.php pages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3688", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070711 Dotclear remote script execution", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2007-07/0102.html" - }, - { - "name" : "http://ar3av.free.fr/faille-dotclear.php", - "refsource" : "MISC", - "url" : "http://ar3av.free.fr/faille-dotclear.php" - }, - { - "name" : "37892", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37892" - }, - { - "name" : "37893", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37893" - }, - { - "name" : "37891", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37891" - }, - { - "name" : "25971", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25971" - }, - { - "name" : "dotclear-tools-file-include(35324)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35324" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in DotClear 1.2.6 allow remote attackers to perform actions as arbitrary users via the (1) tool_url parameter to ecrire/tools.php and multiple fields on the (2) blogconf, (3) blogroll, (4) ecrire/redacteur.php, and (5) ecrire/user_prefs.php pages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37891", + "refsource": "OSVDB", + "url": "http://osvdb.org/37891" + }, + { + "name": "37892", + "refsource": "OSVDB", + "url": "http://osvdb.org/37892" + }, + { + "name": "dotclear-tools-file-include(35324)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35324" + }, + { + "name": "20070711 Dotclear remote script execution", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2007-07/0102.html" + }, + { + "name": "37893", + "refsource": "OSVDB", + "url": "http://osvdb.org/37893" + }, + { + "name": "http://ar3av.free.fr/faille-dotclear.php", + "refsource": "MISC", + "url": "http://ar3av.free.fr/faille-dotclear.php" + }, + { + "name": "25971", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25971" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3703.json b/2007/3xxx/CVE-2007-3703.json index 3a4202ef0f2..ff9716c47ae 100644 --- a/2007/3xxx/CVE-2007-3703.json +++ b/2007/3xxx/CVE-2007-3703.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3703", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in a certain ActiveX control in sasatl.dll 1.5.0.531 in Zenturi Program Checker (ProgramChecker) Pro allows remote attackers to execute arbitrary code via a long argument to the Fill method. NOTE: this is probably a different issue than CVE-2007-2987." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3703", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4170", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/4170" - }, - { - "name" : "20070710 [GOODFELLAS - VULN] sasatl.dll 1.5.0.531 Program Checker - Javascript Heap Spraying Exploit", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0180.html" - }, - { - "name" : "24848", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24848" - }, - { - "name" : "37707", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37707" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in a certain ActiveX control in sasatl.dll 1.5.0.531 in Zenturi Program Checker (ProgramChecker) Pro allows remote attackers to execute arbitrary code via a long argument to the Fill method. NOTE: this is probably a different issue than CVE-2007-2987." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37707", + "refsource": "OSVDB", + "url": "http://osvdb.org/37707" + }, + { + "name": "4170", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/4170" + }, + { + "name": "20070710 [GOODFELLAS - VULN] sasatl.dll 1.5.0.531 Program Checker - Javascript Heap Spraying Exploit", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0180.html" + }, + { + "name": "24848", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24848" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3809.json b/2007/3xxx/CVE-2007-3809.json index f19268790d3..61499cf6b35 100644 --- a/2007/3xxx/CVE-2007-3809.json +++ b/2007/3xxx/CVE-2007-3809.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3809", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Prozilla Directory Script allow remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action to directory.php, and other unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3809", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4185", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4185" - }, - { - "name" : "24915", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24915" - }, - { - "name" : "36512", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36512" - }, - { - "name" : "prozilla-directory-sql-injection(35425)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35425" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Prozilla Directory Script allow remote attackers to execute arbitrary SQL commands via the cat_id parameter in a list action to directory.php, and other unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24915", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24915" + }, + { + "name": "4185", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4185" + }, + { + "name": "36512", + "refsource": "OSVDB", + "url": "http://osvdb.org/36512" + }, + { + "name": "prozilla-directory-sql-injection(35425)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35425" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3944.json b/2007/3xxx/CVE-2007-3944.json index 8ca109db360..fca8e6aeb48 100644 --- a/2007/3xxx/CVE-2007-3944.json +++ b/2007/3xxx/CVE-2007-3944.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3944", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: this issue was originally reported only for MobileSafari on the iPhone. NOTE: it is not clear whether this stems from an issue in the original distribution of PCRE, which might already have a separate CVE identifier." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3944", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.nytimes.com/2007/07/23/technology/23iphone.html?_r=1&adxnnl=1&adxnnlx=1185163364-1OTsRJvbylLamj17FY2wnw&oref=slogin", - "refsource" : "MISC", - "url" : "http://www.nytimes.com/2007/07/23/technology/23iphone.html?_r=1&adxnnl=1&adxnnlx=1185163364-1OTsRJvbylLamj17FY2wnw&oref=slogin" - }, - { - "name" : "http://www.securityevaluators.com/iphone/", - "refsource" : "MISC", - "url" : "http://www.securityevaluators.com/iphone/" - }, - { - "name" : "http://www.securityevaluators.com/iphone/exploitingiphone.pdf", - "refsource" : "MISC", - "url" : "http://www.securityevaluators.com/iphone/exploitingiphone.pdf" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=306173", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=306173" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=306174", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=306174" - }, - { - "name" : "25002", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25002" - }, - { - "name" : "ADV-2007-2730", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2730" - }, - { - "name" : "ADV-2007-2731", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2731" - }, - { - "name" : "1018439", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018439" - }, - { - "name" : "26287", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26287" - }, - { - "name" : "iphone-safari-bo(35577)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35577" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: this issue was originally reported only for MobileSafari on the iPhone. NOTE: it is not clear whether this stems from an issue in the original distribution of PCRE, which might already have a separate CVE identifier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://docs.info.apple.com/article.html?artnum=306173", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=306173" + }, + { + "name": "25002", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25002" + }, + { + "name": "iphone-safari-bo(35577)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35577" + }, + { + "name": "ADV-2007-2730", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2730" + }, + { + "name": "http://www.securityevaluators.com/iphone/", + "refsource": "MISC", + "url": "http://www.securityevaluators.com/iphone/" + }, + { + "name": "1018439", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018439" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=306174", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=306174" + }, + { + "name": "26287", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26287" + }, + { + "name": "http://www.nytimes.com/2007/07/23/technology/23iphone.html?_r=1&adxnnl=1&adxnnlx=1185163364-1OTsRJvbylLamj17FY2wnw&oref=slogin", + "refsource": "MISC", + "url": "http://www.nytimes.com/2007/07/23/technology/23iphone.html?_r=1&adxnnl=1&adxnnlx=1185163364-1OTsRJvbylLamj17FY2wnw&oref=slogin" + }, + { + "name": "ADV-2007-2731", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2731" + }, + { + "name": "http://www.securityevaluators.com/iphone/exploitingiphone.pdf", + "refsource": "MISC", + "url": "http://www.securityevaluators.com/iphone/exploitingiphone.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4142.json b/2007/4xxx/CVE-2007-4142.json index b7eed79679d..ac0000b2cec 100644 --- a/2007/4xxx/CVE-2007-4142.json +++ b/2007/4xxx/CVE-2007-4142.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4142", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 before 20070731 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a crafted Sametime meeting." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4142", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21266789", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21266789" - }, - { - "name" : "25167", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25167" - }, - { - "name" : "ADV-2007-2734", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2734" - }, - { - "name" : "36462", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36462" - }, - { - "name" : "1018502", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018502" - }, - { - "name" : "26302", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26302" - }, - { - "name" : "sametime-meeting-xss(35731)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35731" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Lotus Sametime Server 7.5.1 before 20070731 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a crafted Sametime meeting." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26302", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26302" + }, + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21266789", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21266789" + }, + { + "name": "1018502", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018502" + }, + { + "name": "36462", + "refsource": "OSVDB", + "url": "http://osvdb.org/36462" + }, + { + "name": "sametime-meeting-xss(35731)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35731" + }, + { + "name": "25167", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25167" + }, + { + "name": "ADV-2007-2734", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2734" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4325.json b/2007/4xxx/CVE-2007-4325.json index 0667176419d..8aeff89ffb2 100644 --- a/2007/4xxx/CVE-2007-4325.json +++ b/2007/4xxx/CVE-2007-4325.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4325", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4325", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070809 Gästebuch Version 1.5 Remote Command Execution Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475950/100/0/threaded" - }, - { - "name" : "25252", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25252" - }, - { - "name" : "ADV-2007-2837", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2837" - }, - { - "name" : "37515", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37515" - }, - { - "name" : "26401", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26401" - }, - { - "name" : "2994", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2994" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26401", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26401" + }, + { + "name": "ADV-2007-2837", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2837" + }, + { + "name": "2994", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2994" + }, + { + "name": "25252", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25252" + }, + { + "name": "20070809 Gästebuch Version 1.5 Remote Command Execution Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475950/100/0/threaded" + }, + { + "name": "37515", + "refsource": "OSVDB", + "url": "http://osvdb.org/37515" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4526.json b/2007/4xxx/CVE-2007-4526.json index 2d309babff5..e6b423ecc88 100644 --- a/2007/4xxx/CVE-2007-4526.json +++ b/2007/4xxx/CVE-2007-4526.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4526", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4526", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://secure-support.novell.com/KanisaPlatform/Publishing/177/3329402_f.SAL_Public.html", - "refsource" : "CONFIRM", - "url" : "https://secure-support.novell.com/KanisaPlatform/Publishing/177/3329402_f.SAL_Public.html" - }, - { - "name" : "25420", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25420" - }, - { - "name" : "ADV-2007-2957", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2957" - }, - { - "name" : "37320", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37320" - }, - { - "name" : "1018602", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018602" - }, - { - "name" : "26555", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26555" - }, - { - "name" : "novell-identity-login-information-disclosure(36215)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36215" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://secure-support.novell.com/KanisaPlatform/Publishing/177/3329402_f.SAL_Public.html", + "refsource": "CONFIRM", + "url": "https://secure-support.novell.com/KanisaPlatform/Publishing/177/3329402_f.SAL_Public.html" + }, + { + "name": "ADV-2007-2957", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2957" + }, + { + "name": "37320", + "refsource": "OSVDB", + "url": "http://osvdb.org/37320" + }, + { + "name": "1018602", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018602" + }, + { + "name": "25420", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25420" + }, + { + "name": "26555", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26555" + }, + { + "name": "novell-identity-login-information-disclosure(36215)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36215" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4715.json b/2007/4xxx/CVE-2007-4715.json index 131d043c3f1..1e9e40f67f5 100644 --- a/2007/4xxx/CVE-2007-4715.json +++ b/2007/4xxx/CVE-2007-4715.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4715", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Weblogicnet allow remote attackers to execute arbitrary PHP code via a URL in the files_dir parameter in (1) es_desp.php, (2) es_custom_menu.php, and (3) es_offer.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4715", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070831 SolpotCrew Advisory #15 (home_edition2001) - Weblogicnet (files_dir) Remote File Inclusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/478379/100/0/threaded" - }, - { - "name" : "4352", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4352" - }, - { - "name" : "http://www.solpotcrew.org/adv/home_edition2001-adv-02.txt", - "refsource" : "MISC", - "url" : "http://www.solpotcrew.org/adv/home_edition2001-adv-02.txt" - }, - { - "name" : "25506", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25506" - }, - { - "name" : "ADV-2007-3089", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3089" - }, - { - "name" : "38423", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38423" - }, - { - "name" : "38424", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38424" - }, - { - "name" : "38425", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38425" - }, - { - "name" : "3096", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3096" - }, - { - "name" : "weblogicnet-filesdir-file-include(36409)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36409" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Weblogicnet allow remote attackers to execute arbitrary PHP code via a URL in the files_dir parameter in (1) es_desp.php, (2) es_custom_menu.php, and (3) es_offer.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-3089", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3089" + }, + { + "name": "38425", + "refsource": "OSVDB", + "url": "http://osvdb.org/38425" + }, + { + "name": "20070831 SolpotCrew Advisory #15 (home_edition2001) - Weblogicnet (files_dir) Remote File Inclusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/478379/100/0/threaded" + }, + { + "name": "4352", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4352" + }, + { + "name": "25506", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25506" + }, + { + "name": "38423", + "refsource": "OSVDB", + "url": "http://osvdb.org/38423" + }, + { + "name": "3096", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3096" + }, + { + "name": "weblogicnet-filesdir-file-include(36409)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36409" + }, + { + "name": "http://www.solpotcrew.org/adv/home_edition2001-adv-02.txt", + "refsource": "MISC", + "url": "http://www.solpotcrew.org/adv/home_edition2001-adv-02.txt" + }, + { + "name": "38424", + "refsource": "OSVDB", + "url": "http://osvdb.org/38424" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5072.json b/2014/5xxx/CVE-2014-5072.json index 64822362d9e..a0b90036db0 100644 --- a/2014/5xxx/CVE-2014-5072.json +++ b/2014/5xxx/CVE-2014-5072.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5072", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5072", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/0pc0deFR/Exploits/tree/master/CVE-2014-5072", - "refsource" : "MISC", - "url" : "https://github.com/0pc0deFR/Exploits/tree/master/CVE-2014-5072" - }, - { - "name" : "https://www.wpsecurityauditlog.com/plugin-change-log/", - "refsource" : "CONFIRM", - "url" : "https://www.wpsecurityauditlog.com/plugin-change-log/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.wpsecurityauditlog.com/plugin-change-log/", + "refsource": "CONFIRM", + "url": "https://www.wpsecurityauditlog.com/plugin-change-log/" + }, + { + "name": "https://github.com/0pc0deFR/Exploits/tree/master/CVE-2014-5072", + "refsource": "MISC", + "url": "https://github.com/0pc0deFR/Exploits/tree/master/CVE-2014-5072" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5289.json b/2014/5xxx/CVE-2014-5289.json index a32c03feb04..f28aba9ba00 100644 --- a/2014/5xxx/CVE-2014-5289.json +++ b/2014/5xxx/CVE-2014-5289.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5289", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5289", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5296.json b/2014/5xxx/CVE-2014-5296.json index 123b38d441b..fbc6ac655cb 100644 --- a/2014/5xxx/CVE-2014-5296.json +++ b/2014/5xxx/CVE-2014-5296.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5296", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5296", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5647.json b/2014/5xxx/CVE-2014-5647.json index d3862bcf655..759a44fac8f 100644 --- a/2014/5xxx/CVE-2014-5647.json +++ b/2014/5xxx/CVE-2014-5647.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5647", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ISL Light Remote Desktop (aka com.islonline.isllight.mobile.android) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5647", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#290865", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/290865" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ISL Light Remote Desktop (aka com.islonline.isllight.mobile.android) application 2.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#290865", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/290865" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2132.json b/2015/2xxx/CVE-2015-2132.json index 6ce454a2469..3ef2ef5b96a 100644 --- a/2015/2xxx/CVE-2015-2132.json +++ b/2015/2xxx/CVE-2015-2132.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2132", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the execve system-call implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2015-2132", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04735247", - "refsource" : "CONFIRM", - "url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04735247" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the execve system-call implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04735247", + "refsource": "CONFIRM", + "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04735247" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2174.json b/2015/2xxx/CVE-2015-2174.json index 4bb9dd178c4..4724c8dbe2c 100644 --- a/2015/2xxx/CVE-2015-2174.json +++ b/2015/2xxx/CVE-2015-2174.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2174", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2174", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2440.json b/2015/2xxx/CVE-2015-2440.json index 3700adbacab..b85ec05dfab 100644 --- a/2015/2xxx/CVE-2015-2440.json +++ b/2015/2xxx/CVE-2015-2440.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2440", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft XML Core Services 3.0, 5.0, and 6.0 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka \"MSXML Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2440", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-381", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-381" - }, - { - "name" : "MS15-084", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-084" - }, - { - "name" : "76232", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76232" - }, - { - "name" : "1033241", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033241" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft XML Core Services 3.0, 5.0, and 6.0 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka \"MSXML Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033241", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033241" + }, + { + "name": "76232", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76232" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-381", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-381" + }, + { + "name": "MS15-084", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-084" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2716.json b/2015/2xxx/CVE-2015-2716.json index 7d065ac55f7..f2713bcddc0 100644 --- a/2015/2xxx/CVE-2015-2716.json +++ b/2015/2xxx/CVE-2015-2716.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2716", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-2716", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1140537", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1140537" - }, - { - "name" : "https://hg.mozilla.org/releases/mozilla-esr31/rev/2f3e78643f5c", - "refsource" : "CONFIRM", - "url" : "https://hg.mozilla.org/releases/mozilla-esr31/rev/2f3e78643f5c" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7" - }, - { - "name" : "https://www.tenable.com/security/tns-2016-20", - "refsource" : "CONFIRM", - "url" : "https://www.tenable.com/security/tns-2016-20" - }, - { - "name" : "DSA-3260", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3260" - }, - { - "name" : "DSA-3264", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3264" - }, - { - "name" : "GLSA-201605-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-06" - }, - { - "name" : "RHSA-2015:0988", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0988.html" - }, - { - "name" : "RHSA-2015:1012", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1012.html" - }, - { - "name" : "SUSE-SU-2015:0960", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html" - }, - { - "name" : "openSUSE-SU-2015:0934", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html" - }, - { - "name" : "openSUSE-SU-2015:1266", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html" - }, - { - "name" : "SUSE-SU-2015:0978", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html" - }, - { - "name" : "openSUSE-SU-2015:0892", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html" - }, - { - "name" : "USN-2602-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2602-1" - }, - { - "name" : "USN-2603-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2603-1" - }, - { - "name" : "74611", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74611" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2602-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2602-1" + }, + { + "name": "RHSA-2015:0988", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0988.html" + }, + { + "name": "https://www.tenable.com/security/tns-2016-20", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2016-20" + }, + { + "name": "https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/en-US/security/known-vulnerabilities/thunderbird/#thunderbird31.7" + }, + { + "name": "74611", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74611" + }, + { + "name": "openSUSE-SU-2015:0892", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00012.html" + }, + { + "name": "DSA-3264", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3264" + }, + { + "name": "DSA-3260", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3260" + }, + { + "name": "SUSE-SU-2015:0978", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00000.html" + }, + { + "name": "https://hg.mozilla.org/releases/mozilla-esr31/rev/2f3e78643f5c", + "refsource": "CONFIRM", + "url": "https://hg.mozilla.org/releases/mozilla-esr31/rev/2f3e78643f5c" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "openSUSE-SU-2015:0934", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-54.html" + }, + { + "name": "USN-2603-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2603-1" + }, + { + "name": "SUSE-SU-2015:0960", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html" + }, + { + "name": "RHSA-2015:1012", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1012.html" + }, + { + "name": "openSUSE-SU-2015:1266", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00031.html" + }, + { + "name": "GLSA-201605-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-06" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1140537", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1140537" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6128.json b/2015/6xxx/CVE-2015-6128.json index c9ec2b51b20..b580e373535 100644 --- a/2015/6xxx/CVE-2015-6128.json +++ b/2015/6xxx/CVE-2015-6128.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6128", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka \"Windows Library Loading Remote Code Execution Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6128", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38918", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38918/" - }, - { - "name" : "MS15-132", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-132" - }, - { - "name" : "78612", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78612" - }, - { - "name" : "1034338", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034338" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library loading, which allows local users to gain privileges via a crafted application, aka \"Windows Library Loading Remote Code Execution Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38918", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38918/" + }, + { + "name": "1034338", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034338" + }, + { + "name": "MS15-132", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-132" + }, + { + "name": "78612", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78612" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6590.json b/2015/6xxx/CVE-2015-6590.json index 0a252039228..6b7fd280e0e 100644 --- a/2015/6xxx/CVE-2015-6590.json +++ b/2015/6xxx/CVE-2015-6590.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6590", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6590", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6732.json b/2015/6xxx/CVE-2015-6732.json index f4fc4fa7a30..a40da3bd52a 100644 --- a/2015/6xxx/CVE-2015-6732.json +++ b/2015/6xxx/CVE-2015-6732.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6732", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via the (1) wpSummary parameter to Special:FormEdit, the (2) \"Template label (optional)\" field in a form, or a (3) Field name in a template." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6732", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[MediaWiki-announce] 20150810 MediaWiki Security and Maintenance Releases: 1.25.2, 1.24.3, 1.23.10", - "refsource" : "MLIST", - "url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-August/000179.html" - }, - { - "name" : "[oss-security] 20150812 CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/08/12/6" - }, - { - "name" : "[oss-security] 20150827 Re: CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/08/27/6" - }, - { - "name" : "https://phabricator.wikimedia.org/T103391", - "refsource" : "CONFIRM", - "url" : "https://phabricator.wikimedia.org/T103391" - }, - { - "name" : "https://phabricator.wikimedia.org/T103761", - "refsource" : "CONFIRM", - "url" : "https://phabricator.wikimedia.org/T103761" - }, - { - "name" : "https://phabricator.wikimedia.org/T103765", - "refsource" : "CONFIRM", - "url" : "https://phabricator.wikimedia.org/T103765" - }, - { - "name" : "FEDORA-2015-13920", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165193.html" - }, - { - "name" : "GLSA-201510-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201510-05" - }, - { - "name" : "76334", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76334" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki allow remote attackers to inject arbitrary web script or HTML via the (1) wpSummary parameter to Special:FormEdit, the (2) \"Template label (optional)\" field in a form, or a (3) Field name in a template." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201510-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201510-05" + }, + { + "name": "[oss-security] 20150827 Re: CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/08/27/6" + }, + { + "name": "[oss-security] 20150812 CVE Request: MediaWiki 1.25.2, 1.24.3, 1.23.10", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/08/12/6" + }, + { + "name": "https://phabricator.wikimedia.org/T103391", + "refsource": "CONFIRM", + "url": "https://phabricator.wikimedia.org/T103391" + }, + { + "name": "[MediaWiki-announce] 20150810 MediaWiki Security and Maintenance Releases: 1.25.2, 1.24.3, 1.23.10", + "refsource": "MLIST", + "url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-August/000179.html" + }, + { + "name": "https://phabricator.wikimedia.org/T103761", + "refsource": "CONFIRM", + "url": "https://phabricator.wikimedia.org/T103761" + }, + { + "name": "https://phabricator.wikimedia.org/T103765", + "refsource": "CONFIRM", + "url": "https://phabricator.wikimedia.org/T103765" + }, + { + "name": "FEDORA-2015-13920", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165193.html" + }, + { + "name": "76334", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76334" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6907.json b/2015/6xxx/CVE-2015-6907.json index 0fd8ce0141d..c9430ecc61e 100644 --- a/2015/6xxx/CVE-2015-6907.json +++ b/2015/6xxx/CVE-2015-6907.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6907", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6907", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6961.json b/2015/6xxx/CVE-2015-6961.json index 1a68851a3c6..416a2f98280 100644 --- a/2015/6xxx/CVE-2015-6961.json +++ b/2015/6xxx/CVE-2015-6961.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6961", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6961", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/web2py/web2py/commit/e31a099cb3456fef471886339653430ae59056b0", - "refsource" : "CONFIRM", - "url" : "https://github.com/web2py/web2py/commit/e31a099cb3456fef471886339653430ae59056b0" - }, - { - "name" : "https://github.com/web2py/web2py/issues/731", - "refsource" : "CONFIRM", - "url" : "https://github.com/web2py/web2py/issues/731" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the _next parameter to user/logout." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/web2py/web2py/commit/e31a099cb3456fef471886339653430ae59056b0", + "refsource": "CONFIRM", + "url": "https://github.com/web2py/web2py/commit/e31a099cb3456fef471886339653430ae59056b0" + }, + { + "name": "https://github.com/web2py/web2py/issues/731", + "refsource": "CONFIRM", + "url": "https://github.com/web2py/web2py/issues/731" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7154.json b/2015/7xxx/CVE-2015-7154.json index 0b89054fc9d..28077661aec 100644 --- a/2015/7xxx/CVE-2015-7154.json +++ b/2015/7xxx/CVE-2015-7154.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7154", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7154", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7364.json b/2015/7xxx/CVE-2015-7364.json index c7371ab23d6..b7d9b4f13e4 100644 --- a/2015/7xxx/CVE-2015-7364.json +++ b/2015/7xxx/CVE-2015-7364.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7364", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The HTML_Quickform library, as used in Revive Adserver before 3.2.2, allows remote attackers to bypass the CSRF protection mechanism via an empty token." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7364", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151007 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536633/100/0/threaded" - }, - { - "name" : "20151008 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Oct/32" - }, - { - "name" : "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html" - }, - { - "name" : "http://www.revive-adserver.com/security/revive-sa-2015-001", - "refsource" : "CONFIRM", - "url" : "http://www.revive-adserver.com/security/revive-sa-2015-001" - }, - { - "name" : "https://github.com/revive-adserver/revive-adserver/commit/288f81cc", - "refsource" : "CONFIRM", - "url" : "https://github.com/revive-adserver/revive-adserver/commit/288f81cc" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The HTML_Quickform library, as used in Revive Adserver before 3.2.2, allows remote attackers to bypass the CSRF protection mechanism via an empty token." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.revive-adserver.com/security/revive-sa-2015-001", + "refsource": "CONFIRM", + "url": "http://www.revive-adserver.com/security/revive-sa-2015-001" + }, + { + "name": "20151007 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536633/100/0/threaded" + }, + { + "name": "20151008 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Oct/32" + }, + { + "name": "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html" + }, + { + "name": "https://github.com/revive-adserver/revive-adserver/commit/288f81cc", + "refsource": "CONFIRM", + "url": "https://github.com/revive-adserver/revive-adserver/commit/288f81cc" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7514.json b/2015/7xxx/CVE-2015-7514.json index 373b2325d7d..79593daae60 100644 --- a/2015/7xxx/CVE-2015-7514.json +++ b/2015/7xxx/CVE-2015-7514.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7514", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OpenStack Ironic 4.2.0 through 4.2.1 does not \"clean\" the disk after use, which allows remote authenticated users to obtain sensitive information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7514", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151203 OpenStack Ironic does not honor clean steps (CVE-2015-7514)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/12/03/4" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1285809", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1285809" - }, - { - "name" : "https://review.openstack.org/#/c/252993", - "refsource" : "CONFIRM", - "url" : "https://review.openstack.org/#/c/252993" - }, - { - "name" : "https://review.openstack.org/#/c/253001", - "refsource" : "CONFIRM", - "url" : "https://review.openstack.org/#/c/253001" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenStack Ironic 4.2.0 through 4.2.1 does not \"clean\" the disk after use, which allows remote authenticated users to obtain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://review.openstack.org/#/c/253001", + "refsource": "CONFIRM", + "url": "https://review.openstack.org/#/c/253001" + }, + { + "name": "[oss-security] 20151203 OpenStack Ironic does not honor clean steps (CVE-2015-7514)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/12/03/4" + }, + { + "name": "https://review.openstack.org/#/c/252993", + "refsource": "CONFIRM", + "url": "https://review.openstack.org/#/c/252993" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1285809", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1285809" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0547.json b/2016/0xxx/CVE-2016-0547.json index 3f8d1f24304..6f99ab20d9b 100644 --- a/2016/0xxx/CVE-2016-0547.json +++ b/2016/0xxx/CVE-2016-0547.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0547", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Common Components, a different vulnerability than CVE-2016-0511, CVE-2016-0548, and CVE-2016-0549." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0547", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Common Components, a different vulnerability than CVE-2016-0511, CVE-2016-0548, and CVE-2016-0549." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0944.json b/2016/0xxx/CVE-2016-0944.json index ae6e02f98d1..fae7f3c7de8 100644 --- a/2016/0xxx/CVE-2016-0944.json +++ b/2016/0xxx/CVE-2016-0944.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0944", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0945, and CVE-2016-0946." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0944", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" - }, - { - "name" : "1034646", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034646" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0945, and CVE-2016-0946." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034646", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034646" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0966.json b/2016/0xxx/CVE-2016-0966.json index 7c176fe7aaf..8a7d7d1fd8d 100644 --- a/2016/0xxx/CVE-2016-0966.json +++ b/2016/0xxx/CVE-2016-0966.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0966", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0966", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" - }, - { - "name" : "GLSA-201603-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-07" - }, - { - "name" : "RHSA-2016:0166", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0166.html" - }, - { - "name" : "SUSE-SU-2016:0398", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" - }, - { - "name" : "SUSE-SU-2016:0400", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" - }, - { - "name" : "openSUSE-SU-2016:0412", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" - }, - { - "name" : "openSUSE-SU-2016:0415", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" - }, - { - "name" : "1034970", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034970" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0970, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:0400", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" + }, + { + "name": "1034970", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034970" + }, + { + "name": "GLSA-201603-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-07" + }, + { + "name": "RHSA-2016:0166", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" + }, + { + "name": "openSUSE-SU-2016:0415", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" + }, + { + "name": "openSUSE-SU-2016:0412", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" + }, + { + "name": "SUSE-SU-2016:0398", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000155.json b/2016/1000xxx/CVE-2016-1000155.json index 294adfa9ef2..36773c30206 100644 --- a/2016/1000xxx/CVE-2016-1000155.json +++ b/2016/1000xxx/CVE-2016-1000155.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000155", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Reflected XSS in wordpress plugin wpsolr-search-engine v7.6" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000155", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=303", - "refsource" : "MISC", - "url" : "http://www.vapidlabs.com/wp/wp_advisory.php?v=303" - }, - { - "name" : "https://wordpress.org/plugins/wpsolr-search-engine", - "refsource" : "MISC", - "url" : "https://wordpress.org/plugins/wpsolr-search-engine" - }, - { - "name" : "93536", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93536" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Reflected XSS in wordpress plugin wpsolr-search-engine v7.6" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.vapidlabs.com/wp/wp_advisory.php?v=303", + "refsource": "MISC", + "url": "http://www.vapidlabs.com/wp/wp_advisory.php?v=303" + }, + { + "name": "https://wordpress.org/plugins/wpsolr-search-engine", + "refsource": "MISC", + "url": "https://wordpress.org/plugins/wpsolr-search-engine" + }, + { + "name": "93536", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93536" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000177.json b/2016/1000xxx/CVE-2016-1000177.json index 145c59f4c0b..6f4e483671b 100644 --- a/2016/1000xxx/CVE-2016-1000177.json +++ b/2016/1000xxx/CVE-2016-1000177.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000177", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000177", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10099.json b/2016/10xxx/CVE-2016-10099.json index ffdf2073835..780f18f4920 100644 --- a/2016/10xxx/CVE-2016-10099.json +++ b/2016/10xxx/CVE-2016-10099.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10099", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10099", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability", - "refsource" : "CONFIRM", - "url" : "http://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability" - }, - { - "name" : "95205", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95205" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability", + "refsource": "CONFIRM", + "url": "http://borgbackup.readthedocs.io/en/stable/changes.html#pre-1-0-9-manifest-spoofing-vulnerability" + }, + { + "name": "95205", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95205" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10445.json b/2016/10xxx/CVE-2016-10445.json index acc356eb056..c7b738d5630 100644 --- a/2016/10xxx/CVE-2016-10445.json +++ b/2016/10xxx/CVE-2016-10445.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10445", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Automobile, Snapdragon Mobile", - "version" : { - "version_data" : [ - { - "version_value" : "SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, input is not properly validated in a QTEE API function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Input Validation in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10445", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Automobile, Snapdragon Mobile", + "version": { + "version_data": [ + { + "version_value": "SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, input is not properly validated in a QTEE API function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Input Validation in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1381.json b/2016/1xxx/CVE-2016-1381.json index fa4180dc33d..c86176e7f56 100644 --- a/2016/1xxx/CVE-2016-1381.json +++ b/2016/1xxx/CVE-2016-1381.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1381", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1381", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160518 Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2" - }, - { - "name" : "1035909", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035909" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Memory leak in Cisco AsyncOS 8.5 through 9.0 before 9.0.1-162 on Web Security Appliance (WSA) devices allows remote attackers to cause a denial of service (memory consumption) via an HTTP file-range request for cached content, aka Bug ID CSCuw97270." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160518 Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160518-wsa2" + }, + { + "name": "1035909", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035909" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4107.json b/2016/4xxx/CVE-2016-4107.json index 6c8558e87b4..4917c526f32 100644 --- a/2016/4xxx/CVE-2016-4107.json +++ b/2016/4xxx/CVE-2016-4107.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4107", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4102." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4107", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" - }, - { - "name" : "90512", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90512" - }, - { - "name" : "1035828", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1051, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, and CVE-2016-4102." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "90512", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90512" + }, + { + "name": "1035828", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035828" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4615.json b/2016/4xxx/CVE-2016-4615.json index d5500d02b1e..e0b954b4f3b 100644 --- a/2016/4xxx/CVE-2016-4615.json +++ b/2016/4xxx/CVE-2016-4615.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4615", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4616, and CVE-2016-4619." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4615", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206899", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206899" - }, - { - "name" : "https://support.apple.com/HT206901", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206901" - }, - { - "name" : "https://support.apple.com/HT206902", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206902" - }, - { - "name" : "https://support.apple.com/HT206903", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206903" - }, - { - "name" : "https://support.apple.com/HT206904", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206904" - }, - { - "name" : "https://support.apple.com/HT206905", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206905" - }, - { - "name" : "APPLE-SA-2016-07-18-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" - }, - { - "name" : "APPLE-SA-2016-07-18-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" - }, - { - "name" : "APPLE-SA-2016-07-18-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-07-18-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html" - }, - { - "name" : "APPLE-SA-2016-07-18-6", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html" - }, - { - "name" : "91826", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91826" - }, - { - "name" : "1036348", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libxml2 in Apple iOS before 9.3.3, OS X before 10.11.6, iTunes before 12.4.2 on Windows, iCloud before 5.2.1 on Windows, tvOS before 9.2.2, and watchOS before 2.2.2 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors, a different vulnerability than CVE-2016-4614, CVE-2016-4616, and CVE-2016-4619." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-07-18-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00003.html" + }, + { + "name": "APPLE-SA-2016-07-18-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00002.html" + }, + { + "name": "APPLE-SA-2016-07-18-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" + }, + { + "name": "https://support.apple.com/HT206901", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206901" + }, + { + "name": "91826", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91826" + }, + { + "name": "APPLE-SA-2016-07-18-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" + }, + { + "name": "APPLE-SA-2016-07-18-6", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00005.html" + }, + { + "name": "https://support.apple.com/HT206905", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206905" + }, + { + "name": "1036348", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036348" + }, + { + "name": "https://support.apple.com/HT206903", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206903" + }, + { + "name": "https://support.apple.com/HT206902", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206902" + }, + { + "name": "https://support.apple.com/HT206904", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206904" + }, + { + "name": "https://support.apple.com/HT206899", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206899" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9385.json b/2016/9xxx/CVE-2016-9385.json index 2adc754b4d1..69bca12cbd3 100644 --- a/2016/9xxx/CVE-2016-9385.json +++ b/2016/9xxx/CVE-2016-9385.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9385", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9385", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xenbits.xen.org/xsa/advisory-193.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-193.html" - }, - { - "name" : "https://support.citrix.com/article/CTX218775", - "refsource" : "CONFIRM", - "url" : "https://support.citrix.com/article/CTX218775" - }, - { - "name" : "GLSA-201612-56", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-56" - }, - { - "name" : "94472", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94472" - }, - { - "name" : "1037342", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037342" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The x86 segment base write emulation functionality in Xen 4.4.x through 4.7.x allows local x86 PV guest OS administrators to cause a denial of service (host crash) by leveraging lack of canonical address checks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201612-56", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-56" + }, + { + "name": "94472", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94472" + }, + { + "name": "1037342", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037342" + }, + { + "name": "https://support.citrix.com/article/CTX218775", + "refsource": "CONFIRM", + "url": "https://support.citrix.com/article/CTX218775" + }, + { + "name": "http://xenbits.xen.org/xsa/advisory-193.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-193.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9551.json b/2016/9xxx/CVE-2016-9551.json index 8953a972df8..0e6a74b0ed1 100644 --- a/2016/9xxx/CVE-2016-9551.json +++ b/2016/9xxx/CVE-2016-9551.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9551", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9551", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1003xxx/CVE-2019-1003038.json b/2019/1003xxx/CVE-2019-1003038.json index 5587926ca44..124cbda99a1 100644 --- a/2019/1003xxx/CVE-2019-1003038.json +++ b/2019/1003xxx/CVE-2019-1003038.json @@ -1,64 +1,64 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2019-03-06T22:44:37.387698", - "ID" : "CVE-2019-1003038", - "REQUESTER" : "ml@beckweb.net", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Jenkins Repository Connector Plugin", - "version" : { - "version_data" : [ - { - "version_value" : "1.2.4 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Jenkins project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An insufficiently protected credentials vulnerability exists in Jenkins Repository Connector Plugin 1.2.4 and earlier in src/main/java/org/jvnet/hudson/plugins/repositoryconnector/ArtifactDeployer.java, src/main/java/org/jvnet/hudson/plugins/repositoryconnector/Repository.java, src/main/java/org/jvnet/hudson/plugins/repositoryconnector/UserPwd.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the password stored in the plugin configuration." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-522" - } + "CVE_data_meta": { + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "DATE_ASSIGNED": "2019-03-06T22:44:37.387698", + "ID": "CVE-2019-1003038", + "REQUESTER": "ml@beckweb.net", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Jenkins Repository Connector Plugin", + "version": { + "version_data": [ + { + "version_value": "1.2.4 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Jenkins project" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-958", - "refsource" : "CONFIRM", - "url" : "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-958" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An insufficiently protected credentials vulnerability exists in Jenkins Repository Connector Plugin 1.2.4 and earlier in src/main/java/org/jvnet/hudson/plugins/repositoryconnector/ArtifactDeployer.java, src/main/java/org/jvnet/hudson/plugins/repositoryconnector/Repository.java, src/main/java/org/jvnet/hudson/plugins/repositoryconnector/UserPwd.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the password stored in the plugin configuration." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-522" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-958", + "refsource": "CONFIRM", + "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-958" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2460.json b/2019/2xxx/CVE-2019-2460.json index cee01e8b45c..581fe689b39 100644 --- a/2019/2xxx/CVE-2019-2460.json +++ b/2019/2xxx/CVE-2019-2460.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2019-2460", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Outside In Technology", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "8.5.3" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2019-2460", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Outside In Technology", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "8.5.3" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "106588", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106588" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected is 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106588", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106588" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2754.json b/2019/2xxx/CVE-2019-2754.json index 7d9fe700ba6..481f9e83aac 100644 --- a/2019/2xxx/CVE-2019-2754.json +++ b/2019/2xxx/CVE-2019-2754.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2754", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2754", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3069.json b/2019/3xxx/CVE-2019-3069.json index d54a9b4d29e..c7ebb4d21c9 100644 --- a/2019/3xxx/CVE-2019-3069.json +++ b/2019/3xxx/CVE-2019-3069.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3069", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3069", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3169.json b/2019/3xxx/CVE-2019-3169.json index 7923b54b48b..820e704d2e6 100644 --- a/2019/3xxx/CVE-2019-3169.json +++ b/2019/3xxx/CVE-2019-3169.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3169", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3169", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3860.json b/2019/3xxx/CVE-2019-3860.json index c580a22c817..ae25897b581 100644 --- a/2019/3xxx/CVE-2019-3860.json +++ b/2019/3xxx/CVE-2019-3860.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3860", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3860", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3917.json b/2019/3xxx/CVE-2019-3917.json index a4e19f9761d..743407a4768 100644 --- a/2019/3xxx/CVE-2019-3917.json +++ b/2019/3xxx/CVE-2019-3917.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vulnreport@tenable.com", - "DATE_PUBLIC" : "2019-02-27T00:00:00", - "ID" : "CVE-2019-3917", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Alcatel Lucent I-240W-Q GPON ONT", - "version" : { - "version_data" : [ - { - "version_value" : "Firmware version 3FE54567BOZJ19" - } - ] - } - } - ] - }, - "vendor_name" : "Tenable" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote, unauthenticated attacker to enable telnetd on the router via a crafted HTTP request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-306 Missing Authentication for Critical Function" - } + "CVE_data_meta": { + "ASSIGNER": "vulnreport@tenable.com", + "DATE_PUBLIC": "2019-02-27T00:00:00", + "ID": "CVE-2019-3917", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Alcatel Lucent I-240W-Q GPON ONT", + "version": { + "version_data": [ + { + "version_value": "Firmware version 3FE54567BOZJ19" + } + ] + } + } + ] + }, + "vendor_name": "Tenable" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.tenable.com/security/research/tra-2019-09", - "refsource" : "MISC", - "url" : "https://www.tenable.com/security/research/tra-2019-09" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote, unauthenticated attacker to enable telnetd on the router via a crafted HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-306 Missing Authentication for Critical Function" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.tenable.com/security/research/tra-2019-09", + "refsource": "MISC", + "url": "https://www.tenable.com/security/research/tra-2019-09" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6260.json b/2019/6xxx/CVE-2019-6260.json index 579a1e8d6de..781a95ec875 100644 --- a/2019/6xxx/CVE-2019-6260.json +++ b/2019/6xxx/CVE-2019-6260.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6260", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and write access to the BMC's physical address space from the host (or from the network in unusual cases where the BMC console uart is attached to a serial concentrator). This CVE applies to the specific cases of iLPC2AHB bridge Pt I, iLPC2AHB bridge Pt II, PCIe VGA P2A bridge, DMA from/to arbitrary BMC memory via X-DMA, UART-based SoC Debug interface, LPC2AHB bridge, PCIe BMC P2A bridge, and Watchdog setup." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6260", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.flamingspork.com/blog/2019/01/23/cve-2019-6260:-gaining-control-of-bmc-from-the-host-processor/", - "refsource" : "MISC", - "url" : "https://www.flamingspork.com/blog/2019/01/23/cve-2019-6260:-gaining-control-of-bmc-from-the-host-processor/" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20190314-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20190314-0001/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) hardware and firmware implement Advanced High-performance Bus (AHB) bridges, which allow arbitrary read and write access to the BMC's physical address space from the host (or from the network in unusual cases where the BMC console uart is attached to a serial concentrator). This CVE applies to the specific cases of iLPC2AHB bridge Pt I, iLPC2AHB bridge Pt II, PCIe VGA P2A bridge, DMA from/to arbitrary BMC memory via X-DMA, UART-based SoC Debug interface, LPC2AHB bridge, PCIe BMC P2A bridge, and Watchdog setup." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.flamingspork.com/blog/2019/01/23/cve-2019-6260:-gaining-control-of-bmc-from-the-host-processor/", + "refsource": "MISC", + "url": "https://www.flamingspork.com/blog/2019/01/23/cve-2019-6260:-gaining-control-of-bmc-from-the-host-processor/" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20190314-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20190314-0001/" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6624.json b/2019/6xxx/CVE-2019-6624.json index 8bb6d269186..4db51ab5ed9 100644 --- a/2019/6xxx/CVE-2019-6624.json +++ b/2019/6xxx/CVE-2019-6624.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6624", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6624", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6672.json b/2019/6xxx/CVE-2019-6672.json index c79abd4f724..a261ffefabb 100644 --- a/2019/6xxx/CVE-2019-6672.json +++ b/2019/6xxx/CVE-2019-6672.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6672", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6672", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6708.json b/2019/6xxx/CVE-2019-6708.json index 50984c02192..7010d9b21e4 100644 --- a/2019/6xxx/CVE-2019-6708.json +++ b/2019/6xxx/CVE-2019-6708.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6708", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHPSHE 1.7 has SQL injection via the admin.php?mod=order state parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6708", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/kk98kk0/exploit/issues/2", - "refsource" : "MISC", - "url" : "https://github.com/kk98kk0/exploit/issues/2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHPSHE 1.7 has SQL injection via the admin.php?mod=order state parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/kk98kk0/exploit/issues/2", + "refsource": "MISC", + "url": "https://github.com/kk98kk0/exploit/issues/2" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6992.json b/2019/6xxx/CVE-2019-6992.json index 04a6a5a5e94..71edcd71524 100644 --- a/2019/6xxx/CVE-2019-6992.json +++ b/2019/6xxx/CVE-2019-6992.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6992", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a long NAME or PROTOCOL to the index.php?view=controlcaps URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6992", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/ZoneMinder/zoneminder/commit/8c5687ca308e441742725e0aff9075779fa1a498", - "refsource" : "MISC", - "url" : "https://github.com/ZoneMinder/zoneminder/commit/8c5687ca308e441742725e0aff9075779fa1a498" - }, - { - "name" : "https://github.com/ZoneMinder/zoneminder/issues/2445", - "refsource" : "MISC", - "url" : "https://github.com/ZoneMinder/zoneminder/issues/2445" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a long NAME or PROTOCOL to the index.php?view=controlcaps URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ZoneMinder/zoneminder/issues/2445", + "refsource": "MISC", + "url": "https://github.com/ZoneMinder/zoneminder/issues/2445" + }, + { + "name": "https://github.com/ZoneMinder/zoneminder/commit/8c5687ca308e441742725e0aff9075779fa1a498", + "refsource": "MISC", + "url": "https://github.com/ZoneMinder/zoneminder/commit/8c5687ca308e441742725e0aff9075779fa1a498" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7828.json b/2019/7xxx/CVE-2019-7828.json index 469ec8b6716..110d19725a9 100644 --- a/2019/7xxx/CVE-2019-7828.json +++ b/2019/7xxx/CVE-2019-7828.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7828", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7828", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8041.json b/2019/8xxx/CVE-2019-8041.json index 9e72add5d00..e76db18ed4e 100644 --- a/2019/8xxx/CVE-2019-8041.json +++ b/2019/8xxx/CVE-2019-8041.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8041", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8041", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8150.json b/2019/8xxx/CVE-2019-8150.json index 5f272b34ba3..595dff81529 100644 --- a/2019/8xxx/CVE-2019-8150.json +++ b/2019/8xxx/CVE-2019-8150.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8150", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8150", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8323.json b/2019/8xxx/CVE-2019-8323.json index 9d9ea169c33..839a8d5222f 100644 --- a/2019/8xxx/CVE-2019-8323.json +++ b/2019/8xxx/CVE-2019-8323.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8323", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8323", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8788.json b/2019/8xxx/CVE-2019-8788.json index dfec3cbbc18..c5f3bb7ab7f 100644 --- a/2019/8xxx/CVE-2019-8788.json +++ b/2019/8xxx/CVE-2019-8788.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8788", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8788", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9084.json b/2019/9xxx/CVE-2019-9084.json index 59b05bdeae1..d7c4031395e 100644 --- a/2019/9xxx/CVE-2019-9084.json +++ b/2019/9xxx/CVE-2019-9084.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9084", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9084", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9173.json b/2019/9xxx/CVE-2019-9173.json index 30de545db35..8519f40dfbd 100644 --- a/2019/9xxx/CVE-2019-9173.json +++ b/2019/9xxx/CVE-2019-9173.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9173", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9173", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9251.json b/2019/9xxx/CVE-2019-9251.json index 82f4239f592..aff819a62ed 100644 --- a/2019/9xxx/CVE-2019-9251.json +++ b/2019/9xxx/CVE-2019-9251.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9251", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9251", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9510.json b/2019/9xxx/CVE-2019-9510.json index 79aba33c915..56ee59a62d0 100644 --- a/2019/9xxx/CVE-2019-9510.json +++ b/2019/9xxx/CVE-2019-9510.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9510", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9510", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file