From c9770ce701fb7ef2d01cd91d51c15b7b7598b3e8 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 21:38:56 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0442.json | 150 ++++---- 2007/0xxx/CVE-2007-0526.json | 180 +++++----- 2007/2xxx/CVE-2007-2796.json | 190 +++++----- 2007/2xxx/CVE-2007-2847.json | 150 ++++---- 2007/3xxx/CVE-2007-3402.json | 170 ++++----- 2007/3xxx/CVE-2007-3661.json | 140 ++++---- 2007/3xxx/CVE-2007-3737.json | 550 ++++++++++++++--------------- 2007/4xxx/CVE-2007-4251.json | 160 ++++----- 2007/4xxx/CVE-2007-4300.json | 34 +- 2007/4xxx/CVE-2007-4643.json | 200 +++++------ 2007/4xxx/CVE-2007-4677.json | 240 ++++++------- 2007/4xxx/CVE-2007-4917.json | 150 ++++---- 2007/4xxx/CVE-2007-4977.json | 200 +++++------ 2007/6xxx/CVE-2007-6064.json | 34 +- 2007/6xxx/CVE-2007-6713.json | 150 ++++---- 2010/1xxx/CVE-2010-1245.json | 150 ++++---- 2010/5xxx/CVE-2010-5059.json | 160 ++++----- 2010/5xxx/CVE-2010-5066.json | 130 +++---- 2014/100xxx/CVE-2014-100012.json | 120 +++---- 2014/1xxx/CVE-2014-1907.json | 140 ++++---- 2014/1xxx/CVE-2014-1908.json | 120 +++---- 2014/1xxx/CVE-2014-1992.json | 140 ++++---- 2014/5xxx/CVE-2014-5311.json | 34 +- 2014/5xxx/CVE-2014-5440.json | 140 ++++---- 2014/5xxx/CVE-2014-5663.json | 140 ++++---- 2014/5xxx/CVE-2014-5785.json | 140 ++++---- 2014/5xxx/CVE-2014-5841.json | 140 ++++---- 2014/5xxx/CVE-2014-5884.json | 140 ++++---- 2014/5xxx/CVE-2014-5889.json | 140 ++++---- 2015/2xxx/CVE-2015-2030.json | 140 ++++---- 2015/2xxx/CVE-2015-2140.json | 130 +++---- 2015/2xxx/CVE-2015-2248.json | 170 ++++----- 2015/2xxx/CVE-2015-2448.json | 140 ++++---- 2015/2xxx/CVE-2015-2715.json | 180 +++++----- 2015/2xxx/CVE-2015-2997.json | 160 ++++----- 2015/6xxx/CVE-2015-6200.json | 34 +- 2015/6xxx/CVE-2015-6553.json | 34 +- 2016/1000xxx/CVE-2016-1000167.json | 34 +- 2016/10xxx/CVE-2016-10049.json | 160 ++++----- 2016/10xxx/CVE-2016-10366.json | 120 +++---- 2016/10xxx/CVE-2016-10372.json | 140 ++++---- 2016/10xxx/CVE-2016-10530.json | 132 +++---- 2016/4xxx/CVE-2016-4014.json | 150 ++++---- 2016/4xxx/CVE-2016-4047.json | 130 +++---- 2016/4xxx/CVE-2016-4402.json | 140 ++++---- 2016/4xxx/CVE-2016-4457.json | 150 ++++---- 2016/4xxx/CVE-2016-4824.json | 140 ++++---- 2016/8xxx/CVE-2016-8238.json | 34 +- 2016/9xxx/CVE-2016-9009.json | 130 +++---- 2016/9xxx/CVE-2016-9026.json | 34 +- 2016/9xxx/CVE-2016-9264.json | 140 ++++---- 2016/9xxx/CVE-2016-9351.json | 140 ++++---- 2016/9xxx/CVE-2016-9457.json | 150 ++++---- 2019/2xxx/CVE-2019-2143.json | 34 +- 2019/2xxx/CVE-2019-2233.json | 34 +- 2019/2xxx/CVE-2019-2429.json | 140 ++++---- 2019/3xxx/CVE-2019-3046.json | 34 +- 2019/3xxx/CVE-2019-3185.json | 34 +- 2019/3xxx/CVE-2019-3208.json | 34 +- 2019/3xxx/CVE-2019-3996.json | 34 +- 2019/6xxx/CVE-2019-6255.json | 34 +- 2019/6xxx/CVE-2019-6303.json | 34 +- 2019/6xxx/CVE-2019-6970.json | 34 +- 2019/7xxx/CVE-2019-7471.json | 34 +- 2019/7xxx/CVE-2019-7473.json | 34 +- 2019/7xxx/CVE-2019-7549.json | 34 +- 2019/8xxx/CVE-2019-8116.json | 34 +- 67 files changed, 4013 insertions(+), 4013 deletions(-) diff --git a/2007/0xxx/CVE-2007-0442.json b/2007/0xxx/CVE-2007-0442.json index d72e65daead..1dd45864c31 100644 --- a/2007/0xxx/CVE-2007-0442.json +++ b/2007/0xxx/CVE-2007-0442.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0442", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in IBM OS/400 R530 and R535 has unknown impact and remote attack vectors, related to an \"Integrity Problem\" involving LIC-TCPIP and TCP reset. NOTE: it is possible that this issue is related to CVE-2004-0230, but this is not certain." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0442", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MA33860", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=nas2c8623b2ed01d45d08625718e0043edc2" - }, - { - "name" : "MA33861", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=nas204b3e62c8a63af708625718e0043eddc" - }, - { - "name" : "32812", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32812" - }, - { - "name" : "23765", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23765" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in IBM OS/400 R530 and R535 has unknown impact and remote attack vectors, related to an \"Integrity Problem\" involving LIC-TCPIP and TCP reset. NOTE: it is possible that this issue is related to CVE-2004-0230, but this is not certain." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MA33860", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=nas2c8623b2ed01d45d08625718e0043edc2" + }, + { + "name": "23765", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23765" + }, + { + "name": "32812", + "refsource": "OSVDB", + "url": "http://osvdb.org/32812" + }, + { + "name": "MA33861", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=nas204b3e62c8a63af708625718e0043eddc" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0526.json b/2007/0xxx/CVE-2007-0526.json index 177cdc41f0e..2d3f7e0373c 100644 --- a/2007/0xxx/CVE-2007-0526.json +++ b/2007/0xxx/CVE-2007-0526.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0526", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the URL (PATH_INFO) to (1) articles/edit.php, (2) articles/list.php, (3) blogs/list_blogs.php, or (4) blogs/rankings.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0526", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070122 [x0n3-h4ck] bitweaver 1.3.1 XSS Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457695/100/0/threaded" - }, - { - "name" : "33578", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33578" - }, - { - "name" : "33579", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33579" - }, - { - "name" : "33580", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33580" - }, - { - "name" : "33581", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33581" - }, - { - "name" : "2186", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2186" - }, - { - "name" : "bitweaver-multiple-scripts-xss(31655)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31655" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 1.3.1 allow remote attackers to inject arbitrary web script or HTML via the URL (PATH_INFO) to (1) articles/edit.php, (2) articles/list.php, (3) blogs/list_blogs.php, or (4) blogs/rankings.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2186", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2186" + }, + { + "name": "33579", + "refsource": "OSVDB", + "url": "http://osvdb.org/33579" + }, + { + "name": "bitweaver-multiple-scripts-xss(31655)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31655" + }, + { + "name": "33578", + "refsource": "OSVDB", + "url": "http://osvdb.org/33578" + }, + { + "name": "20070122 [x0n3-h4ck] bitweaver 1.3.1 XSS Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457695/100/0/threaded" + }, + { + "name": "33580", + "refsource": "OSVDB", + "url": "http://osvdb.org/33580" + }, + { + "name": "33581", + "refsource": "OSVDB", + "url": "http://osvdb.org/33581" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2796.json b/2007/2xxx/CVE-2007-2796.json index 771343538ee..dcabb959188 100644 --- a/2007/2xxx/CVE-2007-2796.json +++ b/2007/2xxx/CVE-2007-2796.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2796", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Arris Cadant C3 CMTS allows remote attackers to cause a denial of service (service termination) via a malformed IP packet with an invalid IP option." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2796", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070612 ZDI-07-036: Arris Cadant C3 CMTS Remote DoS Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471195/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-036.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-036.html" - }, - { - "name" : "24430", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24430" - }, - { - "name" : "37233", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37233" - }, - { - "name" : "ADV-2007-2162", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2162" - }, - { - "name" : "1018220", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018220" - }, - { - "name" : "25611", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25611" - }, - { - "name" : "cadant-c3-ip-dos(34822)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34822" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Arris Cadant C3 CMTS allows remote attackers to cause a denial of service (service termination) via a malformed IP packet with an invalid IP option." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37233", + "refsource": "OSVDB", + "url": "http://osvdb.org/37233" + }, + { + "name": "ADV-2007-2162", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2162" + }, + { + "name": "cadant-c3-ip-dos(34822)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34822" + }, + { + "name": "25611", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25611" + }, + { + "name": "24430", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24430" + }, + { + "name": "20070612 ZDI-07-036: Arris Cadant C3 CMTS Remote DoS Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471195/100/0/threaded" + }, + { + "name": "1018220", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018220" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-036.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-036.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2847.json b/2007/2xxx/CVE-2007-2847.json index bf97b900166..73e05f44bea 100644 --- a/2007/2xxx/CVE-2007-2847.json +++ b/2007/2xxx/CVE-2007-2847.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2847", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in hlstats.php in HLstats 1.35, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) authusername or (2) authpassword parameter, different vectors than CVE-2007-0840 and CVE-2007-2812." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2847", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070521 RedLevel Advisory #020 - HLstats v1.35 Cross-Site Scripting Vulnerability #3", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/469291/100/0/threaded" - }, - { - "name" : "24102", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24102" - }, - { - "name" : "36215", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36215" - }, - { - "name" : "hlstats-authusername-authpassword-xss(34450)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34450" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in hlstats.php in HLstats 1.35, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) authusername or (2) authpassword parameter, different vectors than CVE-2007-0840 and CVE-2007-2812." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070521 RedLevel Advisory #020 - HLstats v1.35 Cross-Site Scripting Vulnerability #3", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/469291/100/0/threaded" + }, + { + "name": "36215", + "refsource": "OSVDB", + "url": "http://osvdb.org/36215" + }, + { + "name": "hlstats-authusername-authpassword-xss(34450)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34450" + }, + { + "name": "24102", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24102" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3402.json b/2007/3xxx/CVE-2007-3402.json index dd3ad4cc780..7c3fb309163 100644 --- a/2007/3xxx/CVE-2007-3402.json +++ b/2007/3xxx/CVE-2007-3402.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3402", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in pagetool 1.07 allows remote attackers to execute arbitrary SQL commands via the news_id parameter in a pagetool_news action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3402", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080224 Powered by Pagetool Ver (1.04-05-06-07)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/488724/100/0/threaded" - }, - { - "name" : "20080225 Re: Powered by Pagetool Ver (1.04-05-06-07)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/488742/100/0/threaded" - }, - { - "name" : "4107", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4107" - }, - { - "name" : "24640", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24640" - }, - { - "name" : "38225", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38225" - }, - { - "name" : "pagetool-index-sql-injection(35056)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35056" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in pagetool 1.07 allows remote attackers to execute arbitrary SQL commands via the news_id parameter in a pagetool_news action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20080225 Re: Powered by Pagetool Ver (1.04-05-06-07)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/488742/100/0/threaded" + }, + { + "name": "20080224 Powered by Pagetool Ver (1.04-05-06-07)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/488724/100/0/threaded" + }, + { + "name": "4107", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4107" + }, + { + "name": "24640", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24640" + }, + { + "name": "38225", + "refsource": "OSVDB", + "url": "http://osvdb.org/38225" + }, + { + "name": "pagetool-index-sql-injection(35056)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35056" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3661.json b/2007/3xxx/CVE-2007-3661.json index d02d75bb884..60d64e4084b 100644 --- a/2007/3xxx/CVE-2007-3661.json +++ b/2007/3xxx/CVE-2007-3661.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3661", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Eltima Software Virtual Serial Port (VSPAX) ActiveX control (VSPort.DLL) allows remote attackers to cause a denial of service via certain function calls, as demonstrated via the (1) Attach, (2) Write, and (3) WriteStr functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3661", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070707 [Eleytt] 7LIPIEC2007", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473187" - }, - { - "name" : "24827", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24827" - }, - { - "name" : "43775", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/43775" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Eltima Software Virtual Serial Port (VSPAX) ActiveX control (VSPort.DLL) allows remote attackers to cause a denial of service via certain function calls, as demonstrated via the (1) Attach, (2) Write, and (3) WriteStr functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070707 [Eleytt] 7LIPIEC2007", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473187" + }, + { + "name": "24827", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24827" + }, + { + "name": "43775", + "refsource": "OSVDB", + "url": "http://osvdb.org/43775" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3737.json b/2007/3xxx/CVE-2007-3737.json index b0ca2914ec8..a74d0ad84af 100644 --- a/2007/3xxx/CVE-2007-3737.json +++ b/2007/3xxx/CVE-2007-3737.json @@ -1,277 +1,277 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3737", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mozilla Firefox before 2.0.0.5 allows remote attackers to execute arbitrary code with chrome privileges by calling an event handler from an unspecified \"element outside of a document.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-3737", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070720 rPSA-2007-0148-1 firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474226/100/0/threaded" - }, - { - "name" : "20070724 FLEA-2007-0033-1: firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474542/100/0/threaded" - }, - { - "name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-21.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-21.html" - }, - { - "name" : "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html" - }, - { - "name" : "DSA-1337", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1337" - }, - { - "name" : "DSA-1338", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1338" - }, - { - "name" : "DSA-1339", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1339" - }, - { - "name" : "GLSA-200708-09", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "MDKSA-2007:152", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:152" - }, - { - "name" : "RHSA-2007:0722", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0722.html" - }, - { - "name" : "RHSA-2007:0723", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0723.html" - }, - { - "name" : "RHSA-2007:0724", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0724.html" - }, - { - "name" : "20070701-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc" - }, - { - "name" : "103177", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1" - }, - { - "name" : "201516", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1" - }, - { - "name" : "SUSE-SA:2007:049", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_49_mozilla.html" - }, - { - "name" : "USN-490-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-490-1" - }, - { - "name" : "24946", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24946" - }, - { - "name" : "oval:org.mitre.oval:def:10009", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10009" - }, - { - "name" : "ADV-2007-2564", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2564" - }, - { - "name" : "ADV-2007-4256", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4256" - }, - { - "name" : "1018409", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018409" - }, - { - "name" : "26095", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26095" - }, - { - "name" : "26103", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26103" - }, - { - "name" : "26106", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26106" - }, - { - "name" : "26107", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26107" - }, - { - "name" : "25589", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25589" - }, - { - "name" : "26179", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26179" - }, - { - "name" : "26149", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26149" - }, - { - "name" : "26151", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26151" - }, - { - "name" : "26072", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26072" - }, - { - "name" : "26211", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26211" - }, - { - "name" : "26216", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26216" - }, - { - "name" : "26204", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26204" - }, - { - "name" : "26205", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26205" - }, - { - "name" : "26159", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26159" - }, - { - "name" : "26271", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26271" - }, - { - "name" : "26258", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26258" - }, - { - "name" : "26460", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26460" - }, - { - "name" : "28135", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28135" - }, - { - "name" : "firefox-eventhandler-code-execution(35461)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35461" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mozilla Firefox before 2.0.0.5 allows remote attackers to execute arbitrary code with chrome privileges by calling an event handler from an unspecified \"element outside of a document.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-490-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-490-1" + }, + { + "name": "26107", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26107" + }, + { + "name": "26179", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26179" + }, + { + "name": "ADV-2007-4256", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4256" + }, + { + "name": "25589", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25589" + }, + { + "name": "1018409", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018409" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "MDKSA-2007:152", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:152" + }, + { + "name": "GLSA-200708-09", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml" + }, + { + "name": "DSA-1339", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1339" + }, + { + "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-21.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-21.html" + }, + { + "name": "26151", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26151" + }, + { + "name": "28135", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28135" + }, + { + "name": "26216", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26216" + }, + { + "name": "oval:org.mitre.oval:def:10009", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10009" + }, + { + "name": "26103", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26103" + }, + { + "name": "26072", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26072" + }, + { + "name": "26149", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26149" + }, + { + "name": "103177", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1" + }, + { + "name": "ADV-2007-2564", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2564" + }, + { + "name": "DSA-1337", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1337" + }, + { + "name": "26211", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26211" + }, + { + "name": "26159", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26159" + }, + { + "name": "SUSE-SA:2007:049", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_49_mozilla.html" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "DSA-1338", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1338" + }, + { + "name": "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt", + "refsource": "CONFIRM", + "url": "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt" + }, + { + "name": "firefox-eventhandler-code-execution(35461)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35461" + }, + { + "name": "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html" + }, + { + "name": "26095", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26095" + }, + { + "name": "20070724 FLEA-2007-0033-1: firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474542/100/0/threaded" + }, + { + "name": "26258", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26258" + }, + { + "name": "24946", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24946" + }, + { + "name": "26460", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26460" + }, + { + "name": "26106", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26106" + }, + { + "name": "20070701-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc" + }, + { + "name": "RHSA-2007:0724", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0724.html" + }, + { + "name": "20070720 rPSA-2007-0148-1 firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474226/100/0/threaded" + }, + { + "name": "RHSA-2007:0723", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0723.html" + }, + { + "name": "26271", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26271" + }, + { + "name": "RHSA-2007:0722", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0722.html" + }, + { + "name": "201516", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1" + }, + { + "name": "26204", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26204" + }, + { + "name": "26205", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26205" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4251.json b/2007/4xxx/CVE-2007-4251.json index 13b08274620..1abdb8f1e2c 100644 --- a/2007/4xxx/CVE-2007-4251.json +++ b/2007/4xxx/CVE-2007-4251.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4251", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4251", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070804 [ELEYTT] 4SIERPIEN2007", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475534/100/0/threaded" - }, - { - "name" : "46766", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/46766" - }, - { - "name" : "1018544", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018544" - }, - { - "name" : "3004", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3004" - }, - { - "name" : "openoffice-fileextension-dos(35806)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35806" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenOffice.org (OOo) 2.2 does not properly handle files with multiple extensions, which allows user-assisted remote attackers to cause a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070804 [ELEYTT] 4SIERPIEN2007", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475534/100/0/threaded" + }, + { + "name": "openoffice-fileextension-dos(35806)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35806" + }, + { + "name": "46766", + "refsource": "OSVDB", + "url": "http://osvdb.org/46766" + }, + { + "name": "1018544", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018544" + }, + { + "name": "3004", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3004" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4300.json b/2007/4xxx/CVE-2007-4300.json index 768fcdf0dbb..8446e8cf283 100644 --- a/2007/4xxx/CVE-2007-4300.json +++ b/2007/4xxx/CVE-2007-4300.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4300", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4300", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4643.json b/2007/4xxx/CVE-2007-4643.json index 990cba79d82..74383f1b504 100644 --- a/2007/4xxx/CVE-2007-4643.json +++ b/2007/4xxx/CVE-2007-4643.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4643", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a PKT_CHAT packet with a data length less than 3, which triggers an erroneous malloc, possibly related to the Sv_HandlePacket function in sv_main.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4643", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/478077/100/0/threaded" - }, - { - "name" : "http://aluigi.org/poc/dumsdei.zip", - "refsource" : "MISC", - "url" : "http://aluigi.org/poc/dumsdei.zip" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=190835", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=190835" - }, - { - "name" : "GLSA-200802-02", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200802-02.xml" - }, - { - "name" : "25483", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25483" - }, - { - "name" : "26524", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26524" - }, - { - "name" : "28821", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28821" - }, - { - "name" : "3084", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3084" - }, - { - "name" : "doomsday-svhandlepacket-underflow(36338)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36338" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a PKT_CHAT packet with a data length less than 3, which triggers an erroneous malloc, possibly related to the Sv_HandlePacket function in sv_main.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "doomsday-svhandlepacket-underflow(36338)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36338" + }, + { + "name": "3084", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3084" + }, + { + "name": "28821", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28821" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=190835", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=190835" + }, + { + "name": "26524", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26524" + }, + { + "name": "20070829 Multiple vulnerabilities in Doomsday 1.9.0-beta5.1", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/478077/100/0/threaded" + }, + { + "name": "25483", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25483" + }, + { + "name": "GLSA-200802-02", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200802-02.xml" + }, + { + "name": "http://aluigi.org/poc/dumsdei.zip", + "refsource": "MISC", + "url": "http://aluigi.org/poc/dumsdei.zip" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4677.json b/2007/4xxx/CVE-2007-4677.json index 0c88dd1a50b..4aa32d06471 100644 --- a/2007/4xxx/CVE-2007-4677.json +++ b/2007/4xxx/CVE-2007-4677.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4677", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4677", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071105 ZDI-07-065: Apple QuickTime Color Table RGB Parsing Heap Corruption Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483312/100/0/threaded" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-065.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-065.html" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=306896", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=306896" - }, - { - "name" : "APPLE-SA-2007-11-05", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html" - }, - { - "name" : "TA07-310A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-310A.html" - }, - { - "name" : "VU#445083", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/445083" - }, - { - "name" : "26338", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26338" - }, - { - "name" : "ADV-2007-3723", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3723" - }, - { - "name" : "38544", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/38544" - }, - { - "name" : "1018894", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018894" - }, - { - "name" : "27523", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27523" - }, - { - "name" : "3352", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3352" - }, - { - "name" : "quicktime-colortable-atom-bo(38283)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38283" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in Apple QuickTime before 7.3 allows remote attackers to execute arbitrary code via an invalid color table size when parsing the color table atom (CTAB) in a movie file, related to the CTAB RGB values." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA07-310A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-310A.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=306896", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=306896" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-065.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-065.html" + }, + { + "name": "26338", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26338" + }, + { + "name": "VU#445083", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/445083" + }, + { + "name": "APPLE-SA-2007-11-05", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00000.html" + }, + { + "name": "27523", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27523" + }, + { + "name": "38544", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/38544" + }, + { + "name": "quicktime-colortable-atom-bo(38283)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38283" + }, + { + "name": "20071105 ZDI-07-065: Apple QuickTime Color Table RGB Parsing Heap Corruption Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483312/100/0/threaded" + }, + { + "name": "1018894", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018894" + }, + { + "name": "ADV-2007-3723", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3723" + }, + { + "name": "3352", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3352" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4917.json b/2007/4xxx/CVE-2007-4917.json index 54e49aba9a7..518809ae6d7 100644 --- a/2007/4xxx/CVE-2007-4917.json +++ b/2007/4xxx/CVE-2007-4917.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4917", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in tracking.php in PHP-Stats 0.1.9.2 allows remote attackers to inject arbitrary web script or HTML via the ip parameter in an online action, a different vector than CVE-2007-4334." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4917", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070914 new XSS vulnerability in php-stats -tracking.php", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479439/100/0/threaded" - }, - { - "name" : "25674", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25674" - }, - { - "name" : "3149", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3149" - }, - { - "name" : "phpstats-tracking-xss(36616)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36616" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in tracking.php in PHP-Stats 0.1.9.2 allows remote attackers to inject arbitrary web script or HTML via the ip parameter in an online action, a different vector than CVE-2007-4334." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3149", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3149" + }, + { + "name": "phpstats-tracking-xss(36616)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36616" + }, + { + "name": "20070914 new XSS vulnerability in php-stats -tracking.php", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479439/100/0/threaded" + }, + { + "name": "25674", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25674" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4977.json b/2007/4xxx/CVE-2007-4977.json index 9e6cecdca80..5c0824281f2 100644 --- a/2007/4xxx/CVE-2007-4977.json +++ b/2007/4xxx/CVE-2007-4977.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4977", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the referer parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4977", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070917 Coppermine <= 1.4.12 Cross Site Scripting and Local File Inclusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479757/100/0/threaded" - }, - { - "name" : "http://coppermine-gallery.net/forum/index.php?topic=46847.0", - "refsource" : "CONFIRM", - "url" : "http://coppermine-gallery.net/forum/index.php?topic=46847.0" - }, - { - "name" : "25698", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25698" - }, - { - "name" : "ADV-2007-3194", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3194" - }, - { - "name" : "37100", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37100" - }, - { - "name" : "1018704", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018704" - }, - { - "name" : "26843", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26843" - }, - { - "name" : "3152", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3152" - }, - { - "name" : "coppermine-mode-xss(36659)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36659" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in mode.php in Coppermine Photo Gallery (CPG) 1.4.12 and earlier allows remote attackers to inject arbitrary web script or HTML via the referer parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://coppermine-gallery.net/forum/index.php?topic=46847.0", + "refsource": "CONFIRM", + "url": "http://coppermine-gallery.net/forum/index.php?topic=46847.0" + }, + { + "name": "3152", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3152" + }, + { + "name": "20070917 Coppermine <= 1.4.12 Cross Site Scripting and Local File Inclusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479757/100/0/threaded" + }, + { + "name": "37100", + "refsource": "OSVDB", + "url": "http://osvdb.org/37100" + }, + { + "name": "1018704", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018704" + }, + { + "name": "26843", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26843" + }, + { + "name": "coppermine-mode-xss(36659)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36659" + }, + { + "name": "ADV-2007-3194", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3194" + }, + { + "name": "25698", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25698" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6064.json b/2007/6xxx/CVE-2007-6064.json index bd8d4522386..9977d3d4306 100644 --- a/2007/6xxx/CVE-2007-6064.json +++ b/2007/6xxx/CVE-2007-6064.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6064", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6064", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6713.json b/2007/6xxx/CVE-2007-6713.json index ba1e42fc924..c9f70a6114f 100644 --- a/2007/6xxx/CVE-2007-6713.json +++ b/2007/6xxx/CVE-2007-6713.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6713", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown impact and attack vectors related to malformed WMV files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6713", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.flip4mac.com/downloads/wmv_components/rel_Flip4mac_WMV_2.2.0.49.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.flip4mac.com/downloads/wmv_components/rel_Flip4mac_WMV_2.2.0.49.pdf" - }, - { - "name" : "28912", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28912" - }, - { - "name" : "29922", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29922" - }, - { - "name" : "flip4mac-wmv-unspecified(41872)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41872" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Flip4Mac WMV before 2.2.0.49 has unknown impact and attack vectors related to malformed WMV files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.flip4mac.com/downloads/wmv_components/rel_Flip4mac_WMV_2.2.0.49.pdf", + "refsource": "CONFIRM", + "url": "http://www.flip4mac.com/downloads/wmv_components/rel_Flip4mac_WMV_2.2.0.49.pdf" + }, + { + "name": "29922", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29922" + }, + { + "name": "flip4mac-wmv-unspecified(41872)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41872" + }, + { + "name": "28912", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28912" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1245.json b/2010/1xxx/CVE-2010-1245.json index 7686c2499c0..ebf9ca2dcee 100644 --- a/2010/1xxx/CVE-2010-1245.json +++ b/2010/1xxx/CVE-2010-1245.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1245", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed SxView (0xB0) record, aka \"Excel Record Memory Corruption Vulnerability,\" a different vulnerability than CVE-2010-0824 and CVE-2010-0821." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2010-1245", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100608 VUPEN Security Research - Microsoft Office Excel SxView Memory Corruption Vulnerability (CVE-2010-1245)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/511753/100/0/threaded" - }, - { - "name" : "MS10-038", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038" - }, - { - "name" : "TA10-159B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" - }, - { - "name" : "oval:org.mitre.oval:def:6877", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6877" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed SxView (0xB0) record, aka \"Excel Record Memory Corruption Vulnerability,\" a different vulnerability than CVE-2010-0824 and CVE-2010-0821." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS10-038", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038" + }, + { + "name": "20100608 VUPEN Security Research - Microsoft Office Excel SxView Memory Corruption Vulnerability (CVE-2010-1245)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/511753/100/0/threaded" + }, + { + "name": "oval:org.mitre.oval:def:6877", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6877" + }, + { + "name": "TA10-159B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-159B.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5059.json b/2010/5xxx/CVE-2010-5059.json index d64094205cd..e1c6e6d5489 100644 --- a/2010/5xxx/CVE-2010-5059.json +++ b/2010/5xxx/CVE-2010-5059.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5059", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in CMScout 2.0.8 allows remote attackers to execute arbitrary SQL commands via the album parameter in a photos action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5059", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1004-exploits/cmscout-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1004-exploits/cmscout-sql.txt" - }, - { - "name" : "http://www.exploit-db.com/exploits/12407", - "refsource" : "MISC", - "url" : "http://www.exploit-db.com/exploits/12407" - }, - { - "name" : "39707", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39707" - }, - { - "name" : "39602", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39602" - }, - { - "name" : "ADV-2010-0998", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0998" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in CMScout 2.0.8 allows remote attackers to execute arbitrary SQL commands via the album parameter in a photos action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.org/1004-exploits/cmscout-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1004-exploits/cmscout-sql.txt" + }, + { + "name": "http://www.exploit-db.com/exploits/12407", + "refsource": "MISC", + "url": "http://www.exploit-db.com/exploits/12407" + }, + { + "name": "39707", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39707" + }, + { + "name": "ADV-2010-0998", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0998" + }, + { + "name": "39602", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39602" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5066.json b/2010/5xxx/CVE-2010-5066.json index a186c16bd33..4e90e4c279e 100644 --- a/2010/5xxx/CVE-2010-5066.json +++ b/2010/5xxx/CVE-2010-5066.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5066", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The createRandomPassword function in includes/functions_common.php in Virtual War (aka VWar) 1.6.1 R2 uses a small range of values to select the seed argument for the PHP mt_srand function, which makes it easier for remote attackers to determine randomly generated passwords via a brute-force attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5066", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100822 VWar 1.6.1 R2 Multiple Remote Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2010/Aug/235" - }, - { - "name" : "http://dmcdonald.net/vwar.txt", - "refsource" : "MISC", - "url" : "http://dmcdonald.net/vwar.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The createRandomPassword function in includes/functions_common.php in Virtual War (aka VWar) 1.6.1 R2 uses a small range of values to select the seed argument for the PHP mt_srand function, which makes it easier for remote attackers to determine randomly generated passwords via a brute-force attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://dmcdonald.net/vwar.txt", + "refsource": "MISC", + "url": "http://dmcdonald.net/vwar.txt" + }, + { + "name": "20100822 VWar 1.6.1 R2 Multiple Remote Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2010/Aug/235" + } + ] + } +} \ No newline at end of file diff --git a/2014/100xxx/CVE-2014-100012.json b/2014/100xxx/CVE-2014-100012.json index 023e7ae651e..f27d98e6b2e 100644 --- a/2014/100xxx/CVE-2014-100012.json +++ b/2014/100xxx/CVE-2014-100012.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-100012", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-100012", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "31898", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/31898" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31898", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/31898" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1907.json b/2014/1xxx/CVE-2014-1907.json index 17beac4f1a9..dba54ee037f 100644 --- a/2014/1xxx/CVE-2014-1907.json +++ b/2014/1xxx/CVE-2014-1907.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1907", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the s parameter to ls/rtmp_login.php or (2) delete arbitrary files via a .. (dot dot) in the s parameter to ls/rtmp_logout.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1907", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/125454", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/125454" - }, - { - "name" : "https://www.htbridge.com/advisory/HTB23199", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB23199" - }, - { - "name" : "videowhisper-cve20141907-dir-trav(91478)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91478" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the s parameter to ls/rtmp_login.php or (2) delete arbitrary files via a .. (dot dot) in the s parameter to ls/rtmp_logout.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/125454", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/125454" + }, + { + "name": "https://www.htbridge.com/advisory/HTB23199", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB23199" + }, + { + "name": "videowhisper-cve20141907-dir-trav(91478)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91478" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1908.json b/2014/1xxx/CVE-2014-1908.json index 8456ad57b63..5cf8423905d 100644 --- a/2014/1xxx/CVE-2014-1908.json +++ b/2014/1xxx/CVE-2014-1908.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1908", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The error-handling feature in (1) bp.php, (2) videowhisper_streaming.php, and (3) ls/rtmp.inc.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1908", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.htbridge.com/advisory/HTB23199", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB23199" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The error-handling feature in (1) bp.php, (2) videowhisper_streaming.php, and (3) ls/rtmp.inc.php in the VideoWhisper Live Streaming Integration plugin before 4.29.5 for WordPress allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.htbridge.com/advisory/HTB23199", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB23199" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1992.json b/2014/1xxx/CVE-2014-1992.json index aa07b41105e..f860b9eab8f 100644 --- a/2014/1xxx/CVE-2014-1992.json +++ b/2014/1xxx/CVE-2014-1992.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1992", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Messages functionality in Cybozu Garoon 3.1.x, 3.5.x, and 3.7.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2014-1992", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://cs.cybozu.co.jp/information/gr20140714up05.php", - "refsource" : "CONFIRM", - "url" : "http://cs.cybozu.co.jp/information/gr20140714up05.php" - }, - { - "name" : "JVN#94838679", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN94838679/index.html" - }, - { - "name" : "JVNDB-2014-000078", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000078" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Messages functionality in Cybozu Garoon 3.1.x, 3.5.x, and 3.7.x before 3.7 SP4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://cs.cybozu.co.jp/information/gr20140714up05.php", + "refsource": "CONFIRM", + "url": "http://cs.cybozu.co.jp/information/gr20140714up05.php" + }, + { + "name": "JVNDB-2014-000078", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000078" + }, + { + "name": "JVN#94838679", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN94838679/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5311.json b/2014/5xxx/CVE-2014-5311.json index 901c8a8e22b..f5d78172b1a 100644 --- a/2014/5xxx/CVE-2014-5311.json +++ b/2014/5xxx/CVE-2014-5311.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5311", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5311", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5440.json b/2014/5xxx/CVE-2014-5440.json index a631649df6a..17b3b3e4e26 100644 --- a/2014/5xxx/CVE-2014-5440.json +++ b/2014/5xxx/CVE-2014-5440.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5440", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Login.aspx in MPEX Business Solutions MX-SmartTimer before 13.19.18 allows remote attackers to execute arbitrary SQL commands via the ct100%24CPHContent%24password parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5440", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140830 [CVE-2014-5440] MX-SmartTimer SQL Injection", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Aug/83" - }, - { - "name" : "http://packetstormsecurity.com/files/128064/MX-SmartTimer-13.18.5.11-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/128064/MX-SmartTimer-13.18.5.11-SQL-Injection.html" - }, - { - "name" : "mxsmarttimer-cve20145440-sql-injection(95675)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/95675" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Login.aspx in MPEX Business Solutions MX-SmartTimer before 13.19.18 allows remote attackers to execute arbitrary SQL commands via the ct100%24CPHContent%24password parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "mxsmarttimer-cve20145440-sql-injection(95675)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95675" + }, + { + "name": "20140830 [CVE-2014-5440] MX-SmartTimer SQL Injection", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Aug/83" + }, + { + "name": "http://packetstormsecurity.com/files/128064/MX-SmartTimer-13.18.5.11-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/128064/MX-SmartTimer-13.18.5.11-SQL-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5663.json b/2014/5xxx/CVE-2014-5663.json index e7d053efb5a..17e800d5380 100644 --- a/2014/5xxx/CVE-2014-5663.json +++ b/2014/5xxx/CVE-2014-5663.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5663", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The FreeCell Solitaire (aka com.mobilityware.freecell) application 2.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5663", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#926137", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/926137" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The FreeCell Solitaire (aka com.mobilityware.freecell) application 2.1.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#926137", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/926137" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5785.json b/2014/5xxx/CVE-2014-5785.json index 15000582db8..437b6184af8 100644 --- a/2014/5xxx/CVE-2014-5785.json +++ b/2014/5xxx/CVE-2014-5785.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5785", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Bouncy Bill World-Cup (aka mominis.Generic_Android.Bouncy_Bill_World_Cup) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5785", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#986153", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/986153" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Bouncy Bill World-Cup (aka mominis.Generic_Android.Bouncy_Bill_World_Cup) application 1.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#986153", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/986153" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5841.json b/2014/5xxx/CVE-2014-5841.json index efc0fe906f1..958baf8c583 100644 --- a/2014/5xxx/CVE-2014-5841.json +++ b/2014/5xxx/CVE-2014-5841.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5841", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Girls Calendar Period&Weight (aka jp.co.cybird.apps.lifestyle.cal) application 3.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5841", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#735705", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/735705" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Girls Calendar Period&Weight (aka jp.co.cybird.apps.lifestyle.cal) application 3.2.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#735705", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/735705" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5884.json b/2014/5xxx/CVE-2014-5884.json index b963eeb7640..ed45fff3e9f 100644 --- a/2014/5xxx/CVE-2014-5884.json +++ b/2014/5xxx/CVE-2014-5884.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5884", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The 1&1 Online Storage (aka de.einsundeins.smartdrive) application 5.0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5884", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#841657", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/841657" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The 1&1 Online Storage (aka de.einsundeins.smartdrive) application 5.0.11 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#841657", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/841657" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5889.json b/2014/5xxx/CVE-2014-5889.json index 10956742b83..dd597459b41 100644 --- a/2014/5xxx/CVE-2014-5889.json +++ b/2014/5xxx/CVE-2014-5889.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5889", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Android Forums (aka com.tapatalk.androidforumscom) application 2.4.4.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5889", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#209553", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/209553" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Android Forums (aka com.tapatalk.androidforumscom) application 2.4.4.9 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#209553", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/209553" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2030.json b/2015/2xxx/CVE-2015-2030.json index 3471fbc0d86..3ef07838433 100644 --- a/2015/2xxx/CVE-2015-2030.json +++ b/2015/2xxx/CVE-2015-2030.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2030", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 has an improper account-lockout setting, which makes it easier for remote attackers to obtain access via a brute-force attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-2030", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21966044", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21966044" - }, - { - "name" : "PI44098", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098" - }, - { - "name" : "PI44105", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 has an improper account-lockout setting, which makes it easier for remote attackers to obtain access via a brute-force attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21966044", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21966044" + }, + { + "name": "PI44105", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44105" + }, + { + "name": "PI44098", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI44098" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2140.json b/2015/2xxx/CVE-2015-2140.json index ae145f00312..c2ba037f53c 100644 --- a/2015/2xxx/CVE-2015-2140.json +++ b/2015/2xxx/CVE-2015-2140.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2140", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "hp-security-alert@hp.com", + "ID": "CVE-2015-2140", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04762744", - "refsource" : "CONFIRM", - "url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04762744" - }, - { - "name" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774019", - "refsource" : "CONFIRM", - "url" : "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774019" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04762744", + "refsource": "CONFIRM", + "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04762744" + }, + { + "name": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774019", + "refsource": "CONFIRM", + "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774019" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2248.json b/2015/2xxx/CVE-2015-2248.json index 9c06c5f8e3d..aa7bd96e67e 100644 --- a/2015/2xxx/CVE-2015-2248.json +++ b/2015/2xxx/CVE-2015-2248.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2248", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the user portal in Dell SonicWALL Secure Remote Access (SRA) products with firmware before 7.5.1.0-38sv and 8.x before 8.0.0.1-16sv allows remote attackers to hijack the authentication of users for requests that create bookmarks via a crafted request to cgi-bin/editBookmark." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2248", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "36940", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/36940/" - }, - { - "name" : "http://www.scip.ch/en/?vuldb.75111", - "refsource" : "MISC", - "url" : "http://www.scip.ch/en/?vuldb.75111" - }, - { - "name" : "http://packetstormsecurity.com/files/131762/Dell-SonicWALL-Secure-Remote-Access-7.5-8.0-CSRF.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131762/Dell-SonicWALL-Secure-Remote-Access-7.5-8.0-CSRF.html" - }, - { - "name" : "https://support.software.dell.com/product-notification/151370?productName=SonicWALL%20SRA%20Series", - "refsource" : "CONFIRM", - "url" : "https://support.software.dell.com/product-notification/151370?productName=SonicWALL%20SRA%20Series" - }, - { - "name" : "73098", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73098" - }, - { - "name" : "1032227", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032227" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the user portal in Dell SonicWALL Secure Remote Access (SRA) products with firmware before 7.5.1.0-38sv and 8.x before 8.0.0.1-16sv allows remote attackers to hijack the authentication of users for requests that create bookmarks via a crafted request to cgi-bin/editBookmark." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032227", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032227" + }, + { + "name": "73098", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73098" + }, + { + "name": "http://packetstormsecurity.com/files/131762/Dell-SonicWALL-Secure-Remote-Access-7.5-8.0-CSRF.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131762/Dell-SonicWALL-Secure-Remote-Access-7.5-8.0-CSRF.html" + }, + { + "name": "http://www.scip.ch/en/?vuldb.75111", + "refsource": "MISC", + "url": "http://www.scip.ch/en/?vuldb.75111" + }, + { + "name": "36940", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/36940/" + }, + { + "name": "https://support.software.dell.com/product-notification/151370?productName=SonicWALL%20SRA%20Series", + "refsource": "CONFIRM", + "url": "https://support.software.dell.com/product-notification/151370?productName=SonicWALL%20SRA%20Series" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2448.json b/2015/2xxx/CVE-2015-2448.json index 1c409ef9fa2..d246564540f 100644 --- a/2015/2xxx/CVE-2015-2448.json +++ b/2015/2xxx/CVE-2015-2448.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2448", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2448", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-079", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-079" - }, - { - "name" : "76191", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76191" - }, - { - "name" : "1033237", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033237" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "76191", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76191" + }, + { + "name": "1033237", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033237" + }, + { + "name": "MS15-079", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-079" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2715.json b/2015/2xxx/CVE-2015-2715.json index 4f8ce2526d0..04d85f07c6c 100644 --- a/2015/2xxx/CVE-2015-2715.json +++ b/2015/2xxx/CVE-2015-2715.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2715", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) by leveraging improper Media Decoder Thread creation at the time of a shutdown." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-2715", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-53.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-53.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=988698", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=988698" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "GLSA-201605-06", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-06" - }, - { - "name" : "openSUSE-SU-2015:0934", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html" - }, - { - "name" : "USN-2602-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2602-1" - }, - { - "name" : "74611", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74611" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) by leveraging improper Media Decoder Thread creation at the time of a shutdown." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2602-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2602-1" + }, + { + "name": "74611", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74611" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=988698", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=988698" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "openSUSE-SU-2015:0934", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-05/msg00036.html" + }, + { + "name": "GLSA-201605-06", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-06" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-53.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-53.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2997.json b/2015/2xxx/CVE-2015-2997.json index a74748ab860..203417778a8 100644 --- a/2015/2xxx/CVE-2015-2997.json +++ b/2015/2xxx/CVE-2015-2997.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2997", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SysAid Help Desk before 15.2 allows remote attackers to obtain sensitive information via an invalid value in the accountid parameter to getAgentLogFile, as demonstrated by a large directory traversal sequence, which reveals the installation path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2997", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150603 [Multiple CVE's]: various critical vulnerabilities in SysAid Help Desk (RCE, file download, DoS, etc)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/535679/100/0/threaded" - }, - { - "name" : "20150603 [Multiple CVE's]: various critical vulnerabilities in SysAid Help Desk (RCE, file download, DoS, etc)", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Jun/8" - }, - { - "name" : "http://packetstormsecurity.com/files/132138/SysAid-Help-Desk-14.4-Code-Execution-Denial-Of-Service-Traversal-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/132138/SysAid-Help-Desk-14.4-Code-Execution-Denial-Of-Service-Traversal-SQL-Injection.html" - }, - { - "name" : "https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk", - "refsource" : "CONFIRM", - "url" : "https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk" - }, - { - "name" : "75038", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75038" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SysAid Help Desk before 15.2 allows remote attackers to obtain sensitive information via an invalid value in the accountid parameter to getAgentLogFile, as demonstrated by a large directory traversal sequence, which reveals the installation path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150603 [Multiple CVE's]: various critical vulnerabilities in SysAid Help Desk (RCE, file download, DoS, etc)", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Jun/8" + }, + { + "name": "20150603 [Multiple CVE's]: various critical vulnerabilities in SysAid Help Desk (RCE, file download, DoS, etc)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/535679/100/0/threaded" + }, + { + "name": "http://packetstormsecurity.com/files/132138/SysAid-Help-Desk-14.4-Code-Execution-Denial-Of-Service-Traversal-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/132138/SysAid-Help-Desk-14.4-Code-Execution-Denial-Of-Service-Traversal-SQL-Injection.html" + }, + { + "name": "75038", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75038" + }, + { + "name": "https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk", + "refsource": "CONFIRM", + "url": "https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6200.json b/2015/6xxx/CVE-2015-6200.json index 6617e63d872..de811911cbf 100644 --- a/2015/6xxx/CVE-2015-6200.json +++ b/2015/6xxx/CVE-2015-6200.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6200", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6200", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6553.json b/2015/6xxx/CVE-2015-6553.json index 0599e040c20..0cad7eabb54 100644 --- a/2015/6xxx/CVE-2015-6553.json +++ b/2015/6xxx/CVE-2015-6553.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6553", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn. Further investigation showed that it was not a security issue in customer-controlled software. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6553", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn. Further investigation showed that it was not a security issue in customer-controlled software. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000167.json b/2016/1000xxx/CVE-2016-1000167.json index cf109d1bef6..e2a1b6eca43 100644 --- a/2016/1000xxx/CVE-2016-1000167.json +++ b/2016/1000xxx/CVE-2016-1000167.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000167", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000167", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10049.json b/2016/10xxx/CVE-2016-10049.json index 452c89bd535..cfde714a320 100644 --- a/2016/10xxx/CVE-2016-10049.json +++ b/2016/10xxx/CVE-2016-10049.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10049", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10049", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/12/26/9" - }, - { - "name" : "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710", - "refsource" : "MISC", - "url" : "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1410452", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1410452" - }, - { - "name" : "https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4", - "refsource" : "CONFIRM", - "url" : "https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4" - }, - { - "name" : "95180", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95180" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95180", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95180" + }, + { + "name": "https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4", + "refsource": "CONFIRM", + "url": "https://github.com/ImageMagick/ImageMagick/commit/3e9165285eda6e1bb71172031d3048b51bb443a4" + }, + { + "name": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710", + "refsource": "MISC", + "url": "https://www.imagemagick.org/discourse-server/viewtopic.php?f=3&t=29710" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410452", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410452" + }, + { + "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10366.json b/2016/10xxx/CVE-2016-10366.json index ae6e2480ac1..b9b4f31bba7 100644 --- a/2016/10xxx/CVE-2016-10366.json +++ b/2016/10xxx/CVE-2016-10366.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@elastic.co", - "ID" : "CVE-2016-10366", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Kibana", - "version" : { - "version_data" : [ - { - "version_value" : "4.3 to 4.6.2" - } - ] - } - } - ] - }, - "vendor_name" : "Elastic" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-79: Improper Neutralization of Input During Web Page Generation" - } + "CVE_data_meta": { + "ASSIGNER": "security@elastic.co", + "ID": "CVE-2016-10366", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Kibana", + "version": { + "version_data": [ + { + "version_value": "4.3 to 4.6.2" + } + ] + } + } + ] + }, + "vendor_name": "Elastic" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.elastic.co/community/security", - "refsource" : "CONFIRM", - "url" : "https://www.elastic.co/community/security" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.elastic.co/community/security", + "refsource": "CONFIRM", + "url": "https://www.elastic.co/community/security" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10372.json b/2016/10xxx/CVE-2016-10372.json index 37d0185fc38..d881870e93b 100644 --- a/2016/10xxx/CVE-2016-10372.json +++ b/2016/10xxx/CVE-2016-10372.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10372", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password (which defaults to the Wi-Fi password), and using the NewNTPServer feature." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10372", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://devicereversing.wordpress.com/2016/11/07/eirs-d1000-modem-is-wide-open-to-being-hacked/", - "refsource" : "MISC", - "url" : "https://devicereversing.wordpress.com/2016/11/07/eirs-d1000-modem-is-wide-open-to-being-hacked/" - }, - { - "name" : "https://ghostbin.com/paste/q2vq2", - "refsource" : "MISC", - "url" : "https://ghostbin.com/paste/q2vq2" - }, - { - "name" : "https://isc.sans.edu/forums/diary/TR069+NewNTPServer+Exploits+What+we+know+so+far/21763/", - "refsource" : "MISC", - "url" : "https://isc.sans.edu/forums/diary/TR069+NewNTPServer+Exploits+What+we+know+so+far/21763/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password (which defaults to the Wi-Fi password), and using the NewNTPServer feature." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://devicereversing.wordpress.com/2016/11/07/eirs-d1000-modem-is-wide-open-to-being-hacked/", + "refsource": "MISC", + "url": "https://devicereversing.wordpress.com/2016/11/07/eirs-d1000-modem-is-wide-open-to-being-hacked/" + }, + { + "name": "https://isc.sans.edu/forums/diary/TR069+NewNTPServer+Exploits+What+we+know+so+far/21763/", + "refsource": "MISC", + "url": "https://isc.sans.edu/forums/diary/TR069+NewNTPServer+Exploits+What+we+know+so+far/21763/" + }, + { + "name": "https://ghostbin.com/paste/q2vq2", + "refsource": "MISC", + "url": "https://ghostbin.com/paste/q2vq2" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10530.json b/2016/10xxx/CVE-2016-10530.json index 63d43ad42b2..1c34414546f 100644 --- a/2016/10xxx/CVE-2016-10530.json +++ b/2016/10xxx/CVE-2016-10530.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10530", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "airbrake node module", - "version" : { - "version_data" : [ - { - "version_value" : "<=0.3.8" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The airbrake module 0.3.8 and earlier defaults to sending environment variables over HTTP. Environment variables can often times contain secret keys and other sensitive values. A malicious user could be on the same network as a regular user and intercept all the secret keys the user is sending. This goes against common best practice, which is to use HTTPS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure (CWE-200)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10530", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "airbrake node module", + "version": { + "version_data": [ + { + "version_value": "<=0.3.8" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/airbrake/node-airbrake/issues/70", - "refsource" : "MISC", - "url" : "https://github.com/airbrake/node-airbrake/issues/70" - }, - { - "name" : "https://nodesecurity.io/advisories/96", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/96" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The airbrake module 0.3.8 and earlier defaults to sending environment variables over HTTP. Environment variables can often times contain secret keys and other sensitive values. A malicious user could be on the same network as a regular user and intercept all the secret keys the user is sending. This goes against common best practice, which is to use HTTPS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure (CWE-200)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/airbrake/node-airbrake/issues/70", + "refsource": "MISC", + "url": "https://github.com/airbrake/node-airbrake/issues/70" + }, + { + "name": "https://nodesecurity.io/advisories/96", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/96" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4014.json b/2016/4xxx/CVE-2016-4014.json index 7e51cd53b13..1a9bd438890 100644 --- a/2016/4xxx/CVE-2016-4014.json +++ b/2016/4xxx/CVE-2016-4014.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4014", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4014", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160715 [ERPSCAN-16-020] SAP NetWeaver AS JAVA UDDI component - XXE vulnerability", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Jul/45" - }, - { - "name" : "https://erpscan.io/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/", - "refsource" : "MISC", - "url" : "https://erpscan.io/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/" - }, - { - "name" : "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/", - "refsource" : "MISC", - "url" : "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/" - }, - { - "name" : "http://packetstormsecurity.com/files/137919/SAP-NetWeaver-AS-JAVA-7.4-XXE-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/137919/SAP-NetWeaver-AS-JAVA-7.4-XXE-Injection.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/", + "refsource": "MISC", + "url": "https://erpscan.io/press-center/blog/dos-vulnerabilities-on-the-rise-sap-security-notes-april-2016/" + }, + { + "name": "20160715 [ERPSCAN-16-020] SAP NetWeaver AS JAVA UDDI component - XXE vulnerability", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Jul/45" + }, + { + "name": "https://erpscan.io/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/", + "refsource": "MISC", + "url": "https://erpscan.io/advisories/erpscan-16-020-sap-netweaver-java-uddi-component-xxe-vulnerability/" + }, + { + "name": "http://packetstormsecurity.com/files/137919/SAP-NetWeaver-AS-JAVA-7.4-XXE-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/137919/SAP-NetWeaver-AS-JAVA-7.4-XXE-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4047.json b/2016/4xxx/CVE-2016-4047.json index 6f749d781b1..9eb123d3daa 100644 --- a/2016/4xxx/CVE-2016-4047.json +++ b/2016/4xxx/CVE-2016-4047.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4047", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev8. References to external Open XML document type definitions (.dtd resources) can be placed within .docx and .xslx files. Those resources were requested when parsing certain parts of the generated document. As a result an attacker can track access to a manipulated document. Usage of a document may get tracked and information about internal infrastructure may get exposed." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4047", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160622 Open-Xchange Security Advisory 2016-06-22", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538732/100/0/threaded" - }, - { - "name" : "1036157", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036157" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Open-Xchange OX App Suite before 7.8.1-rev8. References to external Open XML document type definitions (.dtd resources) can be placed within .docx and .xslx files. Those resources were requested when parsing certain parts of the generated document. As a result an attacker can track access to a manipulated document. Usage of a document may get tracked and information about internal infrastructure may get exposed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036157", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036157" + }, + { + "name": "20160622 Open-Xchange Security Advisory 2016-06-22", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538732/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4402.json b/2016/4xxx/CVE-2016-4402.json index 724c063c18a..873ad0ad21f 100644 --- a/2016/4xxx/CVE-2016-4402.json +++ b/2016/4xxx/CVE-2016-4402.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security-alert@hpe.com", - "ID" : "CVE-2016-4402", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "HP Keyview", - "version" : { - "version_data" : [ - { - "version_value" : "earlier than v11.2" - } - ] - } - } - ] - }, - "vendor_name" : "Hewlett Packard Enterprise" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "remote code execution via buffer overflow" - } + "CVE_data_meta": { + "ASSIGNER": "security-alert@hpe.com", + "ID": "CVE-2016-4402", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "HP Keyview", + "version": { + "version_data": [ + { + "version_value": "earlier than v11.2" + } + ] + } + } + ] + }, + "vendor_name": "Hewlett Packard Enterprise" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05325836", - "refsource" : "CONFIRM", - "url" : "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05325836" - }, - { - "name" : "94184", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94184" - }, - { - "name" : "1037235", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037235" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote code execution via buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05325836", + "refsource": "CONFIRM", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05325836" + }, + { + "name": "94184", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94184" + }, + { + "name": "1037235", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037235" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4457.json b/2016/4xxx/CVE-2016-4457.json index 12770536831..9b113f36ab7 100644 --- a/2016/4xxx/CVE-2016-4457.json +++ b/2016/4xxx/CVE-2016-4457.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4457", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4457", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1341308", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1341308" - }, - { - "name" : "RHSA-2017:1367", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1367" - }, - { - "name" : "RHSA-2017:1601", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1601" - }, - { - "name" : "1038599", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038599" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CloudForms Management Engine before 5.8 includes a default SSL/TLS certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2017:1601", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1601" + }, + { + "name": "RHSA-2017:1367", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1367" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1341308", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341308" + }, + { + "name": "1038599", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038599" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4824.json b/2016/4xxx/CVE-2016-4824.json index 4e86c17c82e..30065cf4a44 100644 --- a/2016/4xxx/CVE-2016-4824.json +++ b/2016/4xxx/CVE-2016-4824.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4824", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Wi-Fi Protected Setup (WPS) implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attackers to obtain network access via a brute-force attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4824", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://corega.jp/support/security/20160622_wlr300gnv.htm", - "refsource" : "CONFIRM", - "url" : "http://corega.jp/support/security/20160622_wlr300gnv.htm" - }, - { - "name" : "JVN#75028871", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN75028871/index.html" - }, - { - "name" : "JVNDB-2016-000109", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000109" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Wi-Fi Protected Setup (WPS) implementation on Corega CG-WLR300GNV and CG-WLR300GNV-W devices does not restrict the number of PIN authentication attempts, which makes it easier for remote attackers to obtain network access via a brute-force attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000109", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000109" + }, + { + "name": "JVN#75028871", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN75028871/index.html" + }, + { + "name": "http://corega.jp/support/security/20160622_wlr300gnv.htm", + "refsource": "CONFIRM", + "url": "http://corega.jp/support/security/20160622_wlr300gnv.htm" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8238.json b/2016/8xxx/CVE-2016-8238.json index 068f68c06a2..fc2e89e22d9 100644 --- a/2016/8xxx/CVE-2016-8238.json +++ b/2016/8xxx/CVE-2016-8238.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8238", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8238", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9009.json b/2016/9xxx/CVE-2016-9009.json index 4bb8e4209f5..c93a1dc8562 100644 --- a/2016/9xxx/CVE-2016-9009.json +++ b/2016/9xxx/CVE-2016-9009.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-9009", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "WebSphere MQ", - "version" : { - "version_data" : [ - { - "version_value" : "8.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Denial of Service" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-9009", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "WebSphere MQ", + "version": { + "version_data": [ + { + "version_value": "8.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21998647", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21998647" - }, - { - "name" : "96441", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96441" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere MQ 8.0 could allow an authenticated user with authority to create a cluster object to cause a denial of service to MQ clustering. IBM Reference #: 1998647." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "96441", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96441" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21998647", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21998647" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9026.json b/2016/9xxx/CVE-2016-9026.json index f1cdaa4bf62..9b4686d5cc5 100644 --- a/2016/9xxx/CVE-2016-9026.json +++ b/2016/9xxx/CVE-2016-9026.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9026", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9026", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9264.json b/2016/9xxx/CVE-2016-9264.json index 2c871b5e2d7..066620f53d7 100644 --- a/2016/9xxx/CVE-2016-9264.json +++ b/2016/9xxx/CVE-2016-9264.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9264", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9264", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161110 Re: libming: listmp3: global-buffer-overflow in printMP3Headers (listmp3.c)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/10/9" - }, - { - "name" : "https://blogs.gentoo.org/ago/2016/11/07/libming-listmp3-global-buffer-overflow-in-printmp3headers-listmp3-c/", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2016/11/07/libming-listmp3-global-buffer-overflow-in-printmp3headers-listmp3-c/" - }, - { - "name" : "94251", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the printMP3Headers function in listmp3.c in Libming 0.4.7 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mp3 file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94251", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94251" + }, + { + "name": "[oss-security] 20161110 Re: libming: listmp3: global-buffer-overflow in printMP3Headers (listmp3.c)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/10/9" + }, + { + "name": "https://blogs.gentoo.org/ago/2016/11/07/libming-listmp3-global-buffer-overflow-in-printmp3headers-listmp3-c/", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2016/11/07/libming-listmp3-global-buffer-overflow-in-printmp3headers-listmp3-c/" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9351.json b/2016/9xxx/CVE-2016-9351.json index 0dfea8f7b61..fb1c3f2eee4 100644 --- a/2016/9xxx/CVE-2016-9351.json +++ b/2016/9xxx/CVE-2016-9351.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "ID" : "CVE-2016-9351", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Advantech SUSIAccess Server 3.0 and prior", - "version" : { - "version_data" : [ - { - "version_value" : "Advantech SUSIAccess Server 3.0 and prior" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. The directory traversal/file upload error allows an attacker to upload and unpack a zip file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Advantech SUSIAccess Server traversal" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-9351", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Advantech SUSIAccess Server 3.0 and prior", + "version": { + "version_data": [ + { + "version_value": "Advantech SUSIAccess Server 3.0 and prior" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "42402", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/42402/" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-04", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-04" - }, - { - "name" : "94629", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94629" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. The directory traversal/file upload error allows an attacker to upload and unpack a zip file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Advantech SUSIAccess Server traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-04", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-336-04" + }, + { + "name": "94629", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94629" + }, + { + "name": "42402", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/42402/" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9457.json b/2016/9xxx/CVE-2016-9457.json index d3004b80393..2479bbd5efc 100644 --- a/2016/9xxx/CVE-2016-9457.json +++ b/2016/9xxx/CVE-2016-9457.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "ID" : "CVE-2016-9457", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Revive Adserver All versions before 3.2.3", - "version" : { - "version_data" : [ - { - "version_value" : "Revive Adserver All versions before 3.2.3" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Revive Adserver before 3.2.3 suffers from Reflected XSS. `www/admin/stats.php` is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed, such as setPerPage, pageId, bannerid, period_start, period_end, and possibly others." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "ID": "CVE-2016-9457", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Revive Adserver All versions before 3.2.3", + "version": { + "version_data": [ + { + "version_value": "Revive Adserver All versions before 3.2.3" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/revive-adserver/revive-adserver/commit/ecbe822b48ef4ff61c2c6357c0c94199a81946f4", - "refsource" : "MISC", - "url" : "https://github.com/revive-adserver/revive-adserver/commit/ecbe822b48ef4ff61c2c6357c0c94199a81946f4" - }, - { - "name" : "https://hackerone.com/reports/107879", - "refsource" : "MISC", - "url" : "https://hackerone.com/reports/107879" - }, - { - "name" : "https://www.revive-adserver.com/security/revive-sa-2016-001/", - "refsource" : "MISC", - "url" : "https://www.revive-adserver.com/security/revive-sa-2016-001/" - }, - { - "name" : "83964", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/83964" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Revive Adserver before 3.2.3 suffers from Reflected XSS. `www/admin/stats.php` is vulnerable to reflected XSS attacks via multiple parameters that are not properly sanitised or escaped when displayed, such as setPerPage, pageId, bannerid, period_start, period_end, and possibly others." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/revive-adserver/revive-adserver/commit/ecbe822b48ef4ff61c2c6357c0c94199a81946f4", + "refsource": "MISC", + "url": "https://github.com/revive-adserver/revive-adserver/commit/ecbe822b48ef4ff61c2c6357c0c94199a81946f4" + }, + { + "name": "83964", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/83964" + }, + { + "name": "https://www.revive-adserver.com/security/revive-sa-2016-001/", + "refsource": "MISC", + "url": "https://www.revive-adserver.com/security/revive-sa-2016-001/" + }, + { + "name": "https://hackerone.com/reports/107879", + "refsource": "MISC", + "url": "https://hackerone.com/reports/107879" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2143.json b/2019/2xxx/CVE-2019-2143.json index f87ae031223..f1cd171bb51 100644 --- a/2019/2xxx/CVE-2019-2143.json +++ b/2019/2xxx/CVE-2019-2143.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2143", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2143", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2233.json b/2019/2xxx/CVE-2019-2233.json index 87d48195136..6e5d9b4465f 100644 --- a/2019/2xxx/CVE-2019-2233.json +++ b/2019/2xxx/CVE-2019-2233.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2233", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2233", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2429.json b/2019/2xxx/CVE-2019-2429.json index 0c3a644ba53..97fa3ea77e4 100644 --- a/2019/2xxx/CVE-2019-2429.json +++ b/2019/2xxx/CVE-2019-2429.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2019-2429", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Outside In Technology", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "8.5.3" - }, - { - "version_affected" : "=", - "version_value" : "8.5.4" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Outside In Technology and unauthorized read access to a subset of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 7.1 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Outside In Technology and unauthorized read access to a subset of Oracle Outside In Technology accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2019-2429", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Outside In Technology", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "8.5.3" + }, + { + "version_affected": "=", + "version_value": "8.5.4" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "106582", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106582" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Outside In Technology and unauthorized read access to a subset of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 7.1 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Outside In Technology and unauthorized read access to a subset of Oracle Outside In Technology accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106582", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106582" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3046.json b/2019/3xxx/CVE-2019-3046.json index d8196b8b2f0..2a67e6d6fca 100644 --- a/2019/3xxx/CVE-2019-3046.json +++ b/2019/3xxx/CVE-2019-3046.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3046", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3046", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3185.json b/2019/3xxx/CVE-2019-3185.json index 8d661affd7b..28e16693427 100644 --- a/2019/3xxx/CVE-2019-3185.json +++ b/2019/3xxx/CVE-2019-3185.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3185", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3185", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3208.json b/2019/3xxx/CVE-2019-3208.json index 301ad974565..519370cb6e3 100644 --- a/2019/3xxx/CVE-2019-3208.json +++ b/2019/3xxx/CVE-2019-3208.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3208", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3208", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3996.json b/2019/3xxx/CVE-2019-3996.json index 1c6300fe66d..3a854879559 100644 --- a/2019/3xxx/CVE-2019-3996.json +++ b/2019/3xxx/CVE-2019-3996.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3996", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3996", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6255.json b/2019/6xxx/CVE-2019-6255.json index 74122d67a68..e0ab1a1815d 100644 --- a/2019/6xxx/CVE-2019-6255.json +++ b/2019/6xxx/CVE-2019-6255.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6255", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6255", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6303.json b/2019/6xxx/CVE-2019-6303.json index 83d89830654..5f6d29d766f 100644 --- a/2019/6xxx/CVE-2019-6303.json +++ b/2019/6xxx/CVE-2019-6303.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6303", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6303", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6970.json b/2019/6xxx/CVE-2019-6970.json index c5d6c72b88a..3ecbf423b60 100644 --- a/2019/6xxx/CVE-2019-6970.json +++ b/2019/6xxx/CVE-2019-6970.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6970", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6970", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7471.json b/2019/7xxx/CVE-2019-7471.json index 0d6fa33a908..a0d62722275 100644 --- a/2019/7xxx/CVE-2019-7471.json +++ b/2019/7xxx/CVE-2019-7471.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7471", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7471", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7473.json b/2019/7xxx/CVE-2019-7473.json index 40dd5203b11..fb1d4804c82 100644 --- a/2019/7xxx/CVE-2019-7473.json +++ b/2019/7xxx/CVE-2019-7473.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7473", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7473", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7549.json b/2019/7xxx/CVE-2019-7549.json index 3dc7d9dcef5..ee3f86d0e1e 100644 --- a/2019/7xxx/CVE-2019-7549.json +++ b/2019/7xxx/CVE-2019-7549.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7549", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7549", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8116.json b/2019/8xxx/CVE-2019-8116.json index 6b0ca29edc2..b9fb3e0512e 100644 --- a/2019/8xxx/CVE-2019-8116.json +++ b/2019/8xxx/CVE-2019-8116.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8116", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8116", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file