diff --git a/1999/0xxx/CVE-1999-0850.json b/1999/0xxx/CVE-1999-0850.json
index 7c54bebefb0..b9ac887104c 100644
--- a/1999/0xxx/CVE-1999-0850.json
+++ b/1999/0xxx/CVE-1999-0850.json
@@ -1,62 +1,62 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-1999-0850",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The default permissions for Endymion MailMan allow local users to read email or modify files."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-1999-0850",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "845",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/845"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The default permissions for Endymion MailMan allow local users to read email or modify files."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "845",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/845"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/0xxx/CVE-2007-0104.json b/2007/0xxx/CVE-2007-0104.json
index 192337bf16a..bc0b91483bc 100644
--- a/2007/0xxx/CVE-2007-0104.json
+++ b/2007/0xxx/CVE-2007-0104.json
@@ -1,227 +1,227 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-0104",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-0104",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/457055/100/0/threaded"
- },
- {
- "name" : "http://www.kde.org/info/security/advisory-20070115-1.txt",
- "refsource" : "CONFIRM",
- "url" : "http://www.kde.org/info/security/advisory-20070115-1.txt"
- },
- {
- "name" : "https://issues.rpath.com/browse/RPL-964",
- "refsource" : "CONFIRM",
- "url" : "https://issues.rpath.com/browse/RPL-964"
- },
- {
- "name" : "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html",
- "refsource" : "CONFIRM",
- "url" : "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html"
- },
- {
- "name" : "http://docs.info.apple.com/article.html?artnum=305214",
- "refsource" : "CONFIRM",
- "url" : "http://docs.info.apple.com/article.html?artnum=305214"
- },
- {
- "name" : "MDKSA-2007:018",
- "refsource" : "MANDRIVA",
- "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018"
- },
- {
- "name" : "MDKSA-2007:020",
- "refsource" : "MANDRIVA",
- "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020"
- },
- {
- "name" : "MDKSA-2007:022",
- "refsource" : "MANDRIVA",
- "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022"
- },
- {
- "name" : "MDKSA-2007:019",
- "refsource" : "MANDRIVA",
- "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019"
- },
- {
- "name" : "MDKSA-2007:021",
- "refsource" : "MANDRIVA",
- "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021"
- },
- {
- "name" : "MDKSA-2007:024",
- "refsource" : "MANDRIVA",
- "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024"
- },
- {
- "name" : "SUSE-SR:2007:003",
- "refsource" : "SUSE",
- "url" : "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
- },
- {
- "name" : "USN-410-1",
- "refsource" : "UBUNTU",
- "url" : "http://www.ubuntu.com/usn/usn-410-1"
- },
- {
- "name" : "USN-410-2",
- "refsource" : "UBUNTU",
- "url" : "http://www.ubuntu.com/usn/usn-410-2"
- },
- {
- "name" : "TA07-072A",
- "refsource" : "CERT",
- "url" : "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
- },
- {
- "name" : "21910",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/21910"
- },
- {
- "name" : "http://projects.info-pull.com/moab/MOAB-06-01-2007.html",
- "refsource" : "MISC",
- "url" : "http://projects.info-pull.com/moab/MOAB-06-01-2007.html"
- },
- {
- "name" : "ADV-2007-0203",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2007/0203"
- },
- {
- "name" : "ADV-2007-0212",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2007/0212"
- },
- {
- "name" : "ADV-2007-0244",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2007/0244"
- },
- {
- "name" : "ADV-2007-0930",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2007/0930"
- },
- {
- "name" : "1017514",
- "refsource" : "SECTRACK",
- "url" : "http://securitytracker.com/id?1017514"
- },
- {
- "name" : "1017749",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id?1017749"
- },
- {
- "name" : "23799",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/23799"
- },
- {
- "name" : "23791",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/23791"
- },
- {
- "name" : "23808",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/23808"
- },
- {
- "name" : "23813",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/23813"
- },
- {
- "name" : "23815",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/23815"
- },
- {
- "name" : "23844",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/23844"
- },
- {
- "name" : "23839",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/23839"
- },
- {
- "name" : "23876",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/23876"
- },
- {
- "name" : "24204",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/24204"
- },
- {
- "name" : "24479",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/24479"
- },
- {
- "name" : "multiple-vendor-pdf-code-execution(31364)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "23815",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/23815"
+ },
+ {
+ "name": "MDKSA-2007:022",
+ "refsource": "MANDRIVA",
+ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:022"
+ },
+ {
+ "name": "MDKSA-2007:020",
+ "refsource": "MANDRIVA",
+ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:020"
+ },
+ {
+ "name": "TA07-072A",
+ "refsource": "CERT",
+ "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
+ },
+ {
+ "name": "MDKSA-2007:021",
+ "refsource": "MANDRIVA",
+ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:021"
+ },
+ {
+ "name": "http://www.kde.org/info/security/advisory-20070115-1.txt",
+ "refsource": "CONFIRM",
+ "url": "http://www.kde.org/info/security/advisory-20070115-1.txt"
+ },
+ {
+ "name": "MDKSA-2007:019",
+ "refsource": "MANDRIVA",
+ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:019"
+ },
+ {
+ "name": "23799",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/23799"
+ },
+ {
+ "name": "23839",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/23839"
+ },
+ {
+ "name": "http://docs.info.apple.com/article.html?artnum=305214",
+ "refsource": "CONFIRM",
+ "url": "http://docs.info.apple.com/article.html?artnum=305214"
+ },
+ {
+ "name": "multiple-vendor-pdf-code-execution(31364)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31364"
+ },
+ {
+ "name": "USN-410-2",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/usn-410-2"
+ },
+ {
+ "name": "MDKSA-2007:018",
+ "refsource": "MANDRIVA",
+ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:018"
+ },
+ {
+ "name": "1017514",
+ "refsource": "SECTRACK",
+ "url": "http://securitytracker.com/id?1017514"
+ },
+ {
+ "name": "23791",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/23791"
+ },
+ {
+ "name": "SUSE-SR:2007:003",
+ "refsource": "SUSE",
+ "url": "http://www.novell.com/linux/security/advisories/2007_3_sr.html"
+ },
+ {
+ "name": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html",
+ "refsource": "CONFIRM",
+ "url": "http://support.novell.com/techcenter/psdb/44d7cb9b669d58e0ce5aa5d7ab2c7c53.html"
+ },
+ {
+ "name": "21910",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/21910"
+ },
+ {
+ "name": "MDKSA-2007:024",
+ "refsource": "MANDRIVA",
+ "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:024"
+ },
+ {
+ "name": "1017749",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id?1017749"
+ },
+ {
+ "name": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html",
+ "refsource": "MISC",
+ "url": "http://projects.info-pull.com/moab/MOAB-06-01-2007.html"
+ },
+ {
+ "name": "23844",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/23844"
+ },
+ {
+ "name": "USN-410-1",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/usn-410-1"
+ },
+ {
+ "name": "ADV-2007-0203",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2007/0203"
+ },
+ {
+ "name": "23876",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/23876"
+ },
+ {
+ "name": "20070116 [KDE Security Advisory] kpdf/kword/xpdf denial of service vulnerability",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/457055/100/0/threaded"
+ },
+ {
+ "name": "ADV-2007-0244",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2007/0244"
+ },
+ {
+ "name": "ADV-2007-0212",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2007/0212"
+ },
+ {
+ "name": "ADV-2007-0930",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2007/0930"
+ },
+ {
+ "name": "https://issues.rpath.com/browse/RPL-964",
+ "refsource": "CONFIRM",
+ "url": "https://issues.rpath.com/browse/RPL-964"
+ },
+ {
+ "name": "23813",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/23813"
+ },
+ {
+ "name": "24204",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/24204"
+ },
+ {
+ "name": "23808",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/23808"
+ },
+ {
+ "name": "24479",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/24479"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/0xxx/CVE-2007-0486.json b/2007/0xxx/CVE-2007-0486.json
index e1cc22a75af..fc07537e975 100644
--- a/2007/0xxx/CVE-2007-0486.json
+++ b/2007/0xxx/CVE-2007-0486.json
@@ -1,87 +1,87 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-0486",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Openads (aka phpAdsNew) 2.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) phpAds_geoPlugin parameter to libraries/lib-remotehost.inc, the (2) filename parameter to admin/report-index, or the (3) phpAds_config[my_footer] parameter to admin/lib-gui.inc. NOTE: the vendor has disputed this issue, stating that the relevant variables are used within function definitions."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-0486",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20070120 phpAdsNew 2.0.7 Remote File Include",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/457670/100/0/threaded"
- },
- {
- "name" : "20070122 Re: phpAdsNew 2.0.7 Remote File Include",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/457806/100/200/threaded"
- },
- {
- "name" : "20070124 Re: phpAdsNew 2.0.7 Remote File Include",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/457991/100/200/threaded"
- },
- {
- "name" : "22172",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/22172"
- },
- {
- "name" : "33573",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/33573"
- },
- {
- "name" : "2174",
- "refsource" : "SREASON",
- "url" : "http://securityreason.com/securityalert/2174"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Openads (aka phpAdsNew) 2.0.7 allow remote attackers to execute arbitrary PHP code via a URL in the (1) phpAds_geoPlugin parameter to libraries/lib-remotehost.inc, the (2) filename parameter to admin/report-index, or the (3) phpAds_config[my_footer] parameter to admin/lib-gui.inc. NOTE: the vendor has disputed this issue, stating that the relevant variables are used within function definitions."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "20070122 Re: phpAdsNew 2.0.7 Remote File Include",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/457806/100/200/threaded"
+ },
+ {
+ "name": "20070124 Re: phpAdsNew 2.0.7 Remote File Include",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/457991/100/200/threaded"
+ },
+ {
+ "name": "2174",
+ "refsource": "SREASON",
+ "url": "http://securityreason.com/securityalert/2174"
+ },
+ {
+ "name": "22172",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/22172"
+ },
+ {
+ "name": "33573",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/33573"
+ },
+ {
+ "name": "20070120 phpAdsNew 2.0.7 Remote File Include",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/457670/100/0/threaded"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/0xxx/CVE-2007-0989.json b/2007/0xxx/CVE-2007-0989.json
index 1ba0bb214b7..289cfdbf6c3 100644
--- a/2007/0xxx/CVE-2007-0989.json
+++ b/2007/0xxx/CVE-2007-0989.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-0989",
- "STATE" : "REJECT"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none."
- }
- ]
- }
-}
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2007-0989",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "REJECT"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/1xxx/CVE-2007-1104.json b/2007/1xxx/CVE-2007-1104.json
index 9cc12aa960e..167ff301a67 100644
--- a/2007/1xxx/CVE-2007-1104.json
+++ b/2007/1xxx/CVE-2007-1104.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-1104",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "PHP remote file inclusion vulnerability in top.php in PHP Module Implementation (PHP-MIP) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the laypath parameter."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-1104",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "3374",
- "refsource" : "EXPLOIT-DB",
- "url" : "https://www.exploit-db.com/exploits/3374"
- },
- {
- "name" : "22714",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/22714"
- },
- {
- "name" : "ADV-2007-0732",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2007/0732"
- },
- {
- "name" : "36881",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/36881"
- },
- {
- "name" : "phpmodule-top-file-include(32672)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32672"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "PHP remote file inclusion vulnerability in top.php in PHP Module Implementation (PHP-MIP) 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the laypath parameter."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "36881",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/36881"
+ },
+ {
+ "name": "phpmodule-top-file-include(32672)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32672"
+ },
+ {
+ "name": "ADV-2007-0732",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2007/0732"
+ },
+ {
+ "name": "22714",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/22714"
+ },
+ {
+ "name": "3374",
+ "refsource": "EXPLOIT-DB",
+ "url": "https://www.exploit-db.com/exploits/3374"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/1xxx/CVE-2007-1561.json b/2007/1xxx/CVE-2007-1561.json
index e795b4691d1..875ae073e30 100644
--- a/2007/1xxx/CVE-2007-1561.json
+++ b/2007/1xxx/CVE-2007-1561.json
@@ -1,137 +1,137 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-1561",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP INVITE message with an SDP containing one valid and one invalid IP address."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-1561",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20070321 Two new DoS Vulnerabilities in Asterisk Fixed",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/463434/100/0/threaded"
- },
- {
- "name" : "20070319 Asterisk SDP DOS vulnerability",
- "refsource" : "FULLDISC",
- "url" : "http://marc.info/?l=full-disclosure&m=117432783011737&w=2"
- },
- {
- "name" : "[VOIPSEC] 20070319 Asterisk SDP DOS vulnerability",
- "refsource" : "MLIST",
- "url" : "http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html"
- },
- {
- "name" : "http://asterisk.org/node/48339",
- "refsource" : "CONFIRM",
- "url" : "http://asterisk.org/node/48339"
- },
- {
- "name" : "http://www.sineapps.com/news.php?rssid=1707",
- "refsource" : "CONFIRM",
- "url" : "http://www.sineapps.com/news.php?rssid=1707"
- },
- {
- "name" : "DSA-1358",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2007/dsa-1358"
- },
- {
- "name" : "GLSA-200704-01",
- "refsource" : "GENTOO",
- "url" : "http://security.gentoo.org/glsa/glsa-200704-01.xml"
- },
- {
- "name" : "SUSE-SA:2007:034",
- "refsource" : "SUSE",
- "url" : "http://www.novell.com/linux/security/advisories/2007_34_asterisk.html"
- },
- {
- "name" : "23031",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/23031"
- },
- {
- "name" : "ADV-2007-1039",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2007/1039"
- },
- {
- "name" : "34479",
- "refsource" : "OSVDB",
- "url" : "http://www.osvdb.org/34479"
- },
- {
- "name" : "1017794",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id?1017794"
- },
- {
- "name" : "24719",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/24719"
- },
- {
- "name" : "25582",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/25582"
- },
- {
- "name" : "24564",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/24564"
- },
- {
- "name" : "asterisk-sip-invite-dos(33068)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33068"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The channel driver in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP INVITE message with an SDP containing one valid and one invalid IP address."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "1017794",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id?1017794"
+ },
+ {
+ "name": "20070319 Asterisk SDP DOS vulnerability",
+ "refsource": "FULLDISC",
+ "url": "http://marc.info/?l=full-disclosure&m=117432783011737&w=2"
+ },
+ {
+ "name": "24564",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/24564"
+ },
+ {
+ "name": "http://asterisk.org/node/48339",
+ "refsource": "CONFIRM",
+ "url": "http://asterisk.org/node/48339"
+ },
+ {
+ "name": "SUSE-SA:2007:034",
+ "refsource": "SUSE",
+ "url": "http://www.novell.com/linux/security/advisories/2007_34_asterisk.html"
+ },
+ {
+ "name": "20070321 Two new DoS Vulnerabilities in Asterisk Fixed",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/463434/100/0/threaded"
+ },
+ {
+ "name": "23031",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/23031"
+ },
+ {
+ "name": "asterisk-sip-invite-dos(33068)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33068"
+ },
+ {
+ "name": "GLSA-200704-01",
+ "refsource": "GENTOO",
+ "url": "http://security.gentoo.org/glsa/glsa-200704-01.xml"
+ },
+ {
+ "name": "25582",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/25582"
+ },
+ {
+ "name": "24719",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/24719"
+ },
+ {
+ "name": "http://www.sineapps.com/news.php?rssid=1707",
+ "refsource": "CONFIRM",
+ "url": "http://www.sineapps.com/news.php?rssid=1707"
+ },
+ {
+ "name": "ADV-2007-1039",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2007/1039"
+ },
+ {
+ "name": "DSA-1358",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2007/dsa-1358"
+ },
+ {
+ "name": "34479",
+ "refsource": "OSVDB",
+ "url": "http://www.osvdb.org/34479"
+ },
+ {
+ "name": "[VOIPSEC] 20070319 Asterisk SDP DOS vulnerability",
+ "refsource": "MLIST",
+ "url": "http://voipsa.org/pipermail/voipsec_voipsa.org/2007-March/002275.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/1xxx/CVE-2007-1713.json b/2007/1xxx/CVE-2007-1713.json
index b1bc57dc5c0..abafe1e00a2 100644
--- a/2007/1xxx/CVE-2007-1713.json
+++ b/2007/1xxx/CVE-2007-1713.json
@@ -1,92 +1,92 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-1713",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "CRLF injection vulnerability in BSMTP.DLL in B21Soft BASP21 2003.0211, and BASP21 Pro 1.0.702.27 and earlier, allows remote attackers to inject arbitrary headers into e-mail messages via CRLF sequences in Subject lines."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-1713",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.hi-ho.ne.jp/babaq/basp21.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.hi-ho.ne.jp/babaq/basp21.html"
- },
- {
- "name" : "JVN#86092776",
- "refsource" : "JVN",
- "url" : "http://jvn.jp/jp/JVN%2386092776/index.html"
- },
- {
- "name" : "23134",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/23134"
- },
- {
- "name" : "ADV-2007-1113",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2007/1113"
- },
- {
- "name" : "34495",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/34495"
- },
- {
- "name" : "24652",
- "refsource" : "SECUNIA",
- "url" : "http://secunia.com/advisories/24652"
- },
- {
- "name" : "basp21-bsmtp-mail-relay(33211)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33211"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "CRLF injection vulnerability in BSMTP.DLL in B21Soft BASP21 2003.0211, and BASP21 Pro 1.0.702.27 and earlier, allows remote attackers to inject arbitrary headers into e-mail messages via CRLF sequences in Subject lines."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "basp21-bsmtp-mail-relay(33211)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33211"
+ },
+ {
+ "name": "http://www.hi-ho.ne.jp/babaq/basp21.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.hi-ho.ne.jp/babaq/basp21.html"
+ },
+ {
+ "name": "34495",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/34495"
+ },
+ {
+ "name": "ADV-2007-1113",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2007/1113"
+ },
+ {
+ "name": "23134",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/23134"
+ },
+ {
+ "name": "JVN#86092776",
+ "refsource": "JVN",
+ "url": "http://jvn.jp/jp/JVN%2386092776/index.html"
+ },
+ {
+ "name": "24652",
+ "refsource": "SECUNIA",
+ "url": "http://secunia.com/advisories/24652"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/1xxx/CVE-2007-1992.json b/2007/1xxx/CVE-2007-1992.json
index 177552def61..131798c8aab 100644
--- a/2007/1xxx/CVE-2007-1992.json
+++ b/2007/1xxx/CVE-2007-1992.json
@@ -1,77 +1,77 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-1992",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) EXIF_Makernote.php or (2) EXIF.php in classes/iptc/."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-1992",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "3706",
- "refsource" : "EXPLOIT-DB",
- "url" : "https://www.exploit-db.com/exploits/3706"
- },
- {
- "name" : "23415",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/23415"
- },
- {
- "name" : "ADV-2007-1353",
- "refsource" : "VUPEN",
- "url" : "http://www.vupen.com/english/advisories/2007/1353"
- },
- {
- "name" : "zmg-exif-file-include(33580)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33580"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Multiple PHP remote file inclusion vulnerabilities in the com_zoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) EXIF_Makernote.php or (2) EXIF.php in classes/iptc/."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "zmg-exif-file-include(33580)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33580"
+ },
+ {
+ "name": "ADV-2007-1353",
+ "refsource": "VUPEN",
+ "url": "http://www.vupen.com/english/advisories/2007/1353"
+ },
+ {
+ "name": "23415",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/23415"
+ },
+ {
+ "name": "3706",
+ "refsource": "EXPLOIT-DB",
+ "url": "https://www.exploit-db.com/exploits/3706"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/4xxx/CVE-2007-4068.json b/2007/4xxx/CVE-2007-4068.json
index 15c4d6ae583..2e9e7a493ef 100644
--- a/2007/4xxx/CVE-2007-4068.json
+++ b/2007/4xxx/CVE-2007-4068.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-4068",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Multiple SQL injection vulnerabilities in Webyapar 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the kat_id parameter to the default URI in a download action or (2) the id parameter to the default URI in a duyurular_detay action."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-4068",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "4224",
- "refsource" : "EXPLOIT-DB",
- "url" : "https://www.exploit-db.com/exploits/4224"
- },
- {
- "name" : "25061",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/25061"
- },
- {
- "name" : "37131",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/37131"
- },
- {
- "name" : "37132",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/37132"
- },
- {
- "name" : "webyapar-multiple-sql-injection(35603)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35603"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Multiple SQL injection vulnerabilities in Webyapar 2.0 allow remote attackers to execute arbitrary SQL commands via (1) the kat_id parameter to the default URI in a download action or (2) the id parameter to the default URI in a duyurular_detay action."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "37131",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/37131"
+ },
+ {
+ "name": "37132",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/37132"
+ },
+ {
+ "name": "4224",
+ "refsource": "EXPLOIT-DB",
+ "url": "https://www.exploit-db.com/exploits/4224"
+ },
+ {
+ "name": "webyapar-multiple-sql-injection(35603)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35603"
+ },
+ {
+ "name": "25061",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/25061"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/5xxx/CVE-2007-5870.json b/2007/5xxx/CVE-2007-5870.json
index 34496c0ed83..881b4c5c71f 100644
--- a/2007/5xxx/CVE-2007-5870.json
+++ b/2007/5xxx/CVE-2007-5870.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-5870",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-5870",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2007/5xxx/CVE-2007-5890.json b/2007/5xxx/CVE-2007-5890.json
index eafb6f76ced..e46fd7e5704 100644
--- a/2007/5xxx/CVE-2007-5890.json
+++ b/2007/5xxx/CVE-2007-5890.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2007-5890",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Directory traversal vulnerability in index.php in easyGB 2.1.1 allows remote attackers to include arbitrary files via the DatabaseType parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2007-5890",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "26335",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/26335"
- },
- {
- "name" : "38730",
- "refsource" : "OSVDB",
- "url" : "http://osvdb.org/38730"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Directory traversal vulnerability in index.php in easyGB 2.1.1 allows remote attackers to include arbitrary files via the DatabaseType parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "38730",
+ "refsource": "OSVDB",
+ "url": "http://osvdb.org/38730"
+ },
+ {
+ "name": "26335",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/26335"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/3xxx/CVE-2015-3398.json b/2015/3xxx/CVE-2015-3398.json
index 0994a07506f..29abb4eb03c 100644
--- a/2015/3xxx/CVE-2015-3398.json
+++ b/2015/3xxx/CVE-2015-3398.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-3398",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2015-3398",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/3xxx/CVE-2015-3661.json b/2015/3xxx/CVE-2015-3661.json
index 1367bd099c8..a904939697c 100644
--- a/2015/3xxx/CVE-2015-3661.json
+++ b/2015/3xxx/CVE-2015-3661.json
@@ -1,87 +1,87 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-3661",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "product-security@apple.com",
+ "ID": "CVE-2015-3661",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://support.apple.com/kb/HT204942",
- "refsource" : "CONFIRM",
- "url" : "http://support.apple.com/kb/HT204942"
- },
- {
- "name" : "http://support.apple.com/kb/HT204947",
- "refsource" : "CONFIRM",
- "url" : "http://support.apple.com/kb/HT204947"
- },
- {
- "name" : "APPLE-SA-2015-06-30-2",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
- },
- {
- "name" : "APPLE-SA-2015-06-30-5",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Jun/msg00005.html"
- },
- {
- "name" : "75493",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/75493"
- },
- {
- "name" : "1032756",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1032756"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "QT Media Foundation in Apple QuickTime before 7.7.7, as used in OS X before 10.10.4 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, a different vulnerability than CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, and CVE-2015-3668."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://support.apple.com/kb/HT204947",
+ "refsource": "CONFIRM",
+ "url": "http://support.apple.com/kb/HT204947"
+ },
+ {
+ "name": "APPLE-SA-2015-06-30-2",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"
+ },
+ {
+ "name": "75493",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/75493"
+ },
+ {
+ "name": "1032756",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1032756"
+ },
+ {
+ "name": "http://support.apple.com/kb/HT204942",
+ "refsource": "CONFIRM",
+ "url": "http://support.apple.com/kb/HT204942"
+ },
+ {
+ "name": "APPLE-SA-2015-06-30-5",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00005.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/3xxx/CVE-2015-3735.json b/2015/3xxx/CVE-2015-3735.json
index ab43e9f011a..b8635542978 100644
--- a/2015/3xxx/CVE-2015-3735.json
+++ b/2015/3xxx/CVE-2015-3735.json
@@ -1,97 +1,97 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-3735",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "product-security@apple.com",
+ "ID": "CVE-2015-3735",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://support.apple.com/kb/HT205030",
- "refsource" : "CONFIRM",
- "url" : "https://support.apple.com/kb/HT205030"
- },
- {
- "name" : "https://support.apple.com/kb/HT205033",
- "refsource" : "CONFIRM",
- "url" : "https://support.apple.com/kb/HT205033"
- },
- {
- "name" : "https://support.apple.com/HT205221",
- "refsource" : "CONFIRM",
- "url" : "https://support.apple.com/HT205221"
- },
- {
- "name" : "APPLE-SA-2015-08-13-1",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html"
- },
- {
- "name" : "APPLE-SA-2015-08-13-3",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html"
- },
- {
- "name" : "APPLE-SA-2015-09-16-3",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
- },
- {
- "name" : "76338",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/76338"
- },
- {
- "name" : "1033274",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1033274"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2015-08-13-1 and APPLE-SA-2015-08-13-3."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://support.apple.com/HT205221",
+ "refsource": "CONFIRM",
+ "url": "https://support.apple.com/HT205221"
+ },
+ {
+ "name": "1033274",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1033274"
+ },
+ {
+ "name": "https://support.apple.com/kb/HT205030",
+ "refsource": "CONFIRM",
+ "url": "https://support.apple.com/kb/HT205030"
+ },
+ {
+ "name": "APPLE-SA-2015-09-16-3",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00003.html"
+ },
+ {
+ "name": "APPLE-SA-2015-08-13-3",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html"
+ },
+ {
+ "name": "76338",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/76338"
+ },
+ {
+ "name": "APPLE-SA-2015-08-13-1",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00000.html"
+ },
+ {
+ "name": "https://support.apple.com/kb/HT205033",
+ "refsource": "CONFIRM",
+ "url": "https://support.apple.com/kb/HT205033"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/6xxx/CVE-2015-6049.json b/2015/6xxx/CVE-2015-6049.json
index 6d7a01a7c13..25c3cf43325 100644
--- a/2015/6xxx/CVE-2015-6049.json
+++ b/2015/6xxx/CVE-2015-6049.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-6049",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6048."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secure@microsoft.com",
+ "ID": "CVE-2015-6049",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "MS15-106",
- "refsource" : "MS",
- "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106"
- },
- {
- "name" : "1033800",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1033800"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6048."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "1033800",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1033800"
+ },
+ {
+ "name": "MS15-106",
+ "refsource": "MS",
+ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/6xxx/CVE-2015-6184.json b/2015/6xxx/CVE-2015-6184.json
index 95be89601db..84624a747e2 100644
--- a/2015/6xxx/CVE-2015-6184.json
+++ b/2015/6xxx/CVE-2015-6184.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-6184",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption) via a malformed Cascading Style Sheets (CSS) token sequence in conjunction with modifications to HTML elements, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6048 and CVE-2015-6049."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secure@microsoft.com",
+ "ID": "CVE-2015-6184",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20160127 Microsoft Internet Explorer \"CAttrArray\" Type Confusion Vulnerability",
- "refsource" : "IDEFENSE",
- "url" : "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1218"
- },
- {
- "name" : "MS15-106",
- "refsource" : "MS",
- "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption) via a malformed Cascading Style Sheets (CSS) token sequence in conjunction with modifications to HTML elements, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6048 and CVE-2015-6049."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "20160127 Microsoft Internet Explorer \"CAttrArray\" Type Confusion Vulnerability",
+ "refsource": "IDEFENSE",
+ "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1218"
+ },
+ {
+ "name": "MS15-106",
+ "refsource": "MS",
+ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/6xxx/CVE-2015-6646.json b/2015/6xxx/CVE-2015-6646.json
index be9d988b805..74920fa4f6a 100644
--- a/2015/6xxx/CVE-2015-6646.json
+++ b/2015/6xxx/CVE-2015-6646.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-6646",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The System V IPC implementation in the kernel in Android before 6.0 2016-01-01 allows attackers to cause a denial of service (global kernel resource consumption) by leveraging improper interaction between IPC resource allocation and the memory manager, aka internal bug 22300191, a different vulnerability than CVE-2015-7613."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security@android.com",
+ "ID": "CVE-2015-6646",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://source.android.com/security/bulletin/2016-01-01.html",
- "refsource" : "CONFIRM",
- "url" : "http://source.android.com/security/bulletin/2016-01-01.html"
- },
- {
- "name" : "1034592",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1034592"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The System V IPC implementation in the kernel in Android before 6.0 2016-01-01 allows attackers to cause a denial of service (global kernel resource consumption) by leveraging improper interaction between IPC resource allocation and the memory manager, aka internal bug 22300191, a different vulnerability than CVE-2015-7613."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "1034592",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1034592"
+ },
+ {
+ "name": "http://source.android.com/security/bulletin/2016-01-01.html",
+ "refsource": "CONFIRM",
+ "url": "http://source.android.com/security/bulletin/2016-01-01.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/6xxx/CVE-2015-6694.json b/2015/6xxx/CVE-2015-6694.json
index c8c403282fe..b96ef8b92ff 100644
--- a/2015/6xxx/CVE-2015-6694.json
+++ b/2015/6xxx/CVE-2015-6694.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-6694",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted use of the fillColor attribute, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6695, and CVE-2015-7622."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "psirt@adobe.com",
+ "ID": "CVE-2015-6694",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-471",
- "refsource" : "MISC",
- "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-471"
- },
- {
- "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
- "refsource" : "CONFIRM",
- "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
- },
- {
- "name" : "1033796",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1033796"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted use of the fillColor attribute, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6695, and CVE-2015-7622."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-471",
+ "refsource": "MISC",
+ "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-471"
+ },
+ {
+ "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html",
+ "refsource": "CONFIRM",
+ "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html"
+ },
+ {
+ "name": "1033796",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1033796"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/6xxx/CVE-2015-6756.json b/2015/6xxx/CVE-2015-6756.json
index 3d5fa65dae5..6bdf56932c7 100644
--- a/2015/6xxx/CVE-2015-6756.json
+++ b/2015/6xxx/CVE-2015-6756.json
@@ -1,97 +1,97 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-6756",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Use-after-free vulnerability in the CPDFSDK_PageView implementation in fpdfsdk/src/fsdk_mgr.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by leveraging mishandling of a focused annotation in a PDF document."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security@google.com",
+ "ID": "CVE-2015-6756",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html",
- "refsource" : "CONFIRM",
- "url" : "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html"
- },
- {
- "name" : "https://code.google.com/p/chromium/issues/detail?id=507316",
- "refsource" : "CONFIRM",
- "url" : "https://code.google.com/p/chromium/issues/detail?id=507316"
- },
- {
- "name" : "https://codereview.chromium.org/1332653002",
- "refsource" : "CONFIRM",
- "url" : "https://codereview.chromium.org/1332653002"
- },
- {
- "name" : "DSA-3376",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2015/dsa-3376"
- },
- {
- "name" : "GLSA-201603-09",
- "refsource" : "GENTOO",
- "url" : "https://security.gentoo.org/glsa/201603-09"
- },
- {
- "name" : "RHSA-2015:1912",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2015-1912.html"
- },
- {
- "name" : "77071",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/77071"
- },
- {
- "name" : "1033816",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1033816"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Use-after-free vulnerability in the CPDFSDK_PageView implementation in fpdfsdk/src/fsdk_mgr.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact by leveraging mishandling of a focused annotation in a PDF document."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html",
+ "refsource": "CONFIRM",
+ "url": "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html"
+ },
+ {
+ "name": "77071",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/77071"
+ },
+ {
+ "name": "DSA-3376",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2015/dsa-3376"
+ },
+ {
+ "name": "https://code.google.com/p/chromium/issues/detail?id=507316",
+ "refsource": "CONFIRM",
+ "url": "https://code.google.com/p/chromium/issues/detail?id=507316"
+ },
+ {
+ "name": "https://codereview.chromium.org/1332653002",
+ "refsource": "CONFIRM",
+ "url": "https://codereview.chromium.org/1332653002"
+ },
+ {
+ "name": "GLSA-201603-09",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/201603-09"
+ },
+ {
+ "name": "1033816",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1033816"
+ },
+ {
+ "name": "RHSA-2015:1912",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2015-1912.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/7xxx/CVE-2015-7342.json b/2015/7xxx/CVE-2015-7342.json
index 458268fc88a..b8fc62b18e8 100644
--- a/2015/7xxx/CVE-2015-7342.json
+++ b/2015/7xxx/CVE-2015-7342.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-7342",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2015-7342",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/7xxx/CVE-2015-7534.json b/2015/7xxx/CVE-2015-7534.json
index 53d774fc97b..5436a820922 100644
--- a/2015/7xxx/CVE-2015-7534.json
+++ b/2015/7xxx/CVE-2015-7534.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-7534",
- "STATE" : "REJECT"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
- }
- ]
- }
-}
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2015-7534",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "REJECT"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/7xxx/CVE-2015-7686.json b/2015/7xxx/CVE-2015-7686.json
index 85625a21284..6fe41db6e67 100644
--- a/2015/7xxx/CVE-2015-7686.json
+++ b/2015/7xxx/CVE-2015-7686.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-7686",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service (CPU consumption) via a crafted string containing a list of e-mail addresses in conjunction with parenthesis characters that can be associated with nested comments. NOTE: the default configuration in 1.908 mitigates this vulnerability but misparses certain realistic comments."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2015-7686",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "[oss-security] 20150927 DoS attack through Email-Address perl module v1.907 (CVE id request)",
- "refsource" : "MLIST",
- "url" : "http://www.openwall.com/lists/oss-security/2015/09/27/1"
- },
- {
- "name" : "[oss-security] 20151002 Re: DoS attack through Email-Address perl module v1.907 (CVE id request)",
- "refsource" : "MLIST",
- "url" : "http://www.openwall.com/lists/oss-security/2015/10/02/13"
- },
- {
- "name" : "https://forum.bestpractical.com/t/security-vulnerabilities-in-rt-2017-06-15/32016",
- "refsource" : "CONFIRM",
- "url" : "https://forum.bestpractical.com/t/security-vulnerabilities-in-rt-2017-06-15/32016"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service (CPU consumption) via a crafted string containing a list of e-mail addresses in conjunction with parenthesis characters that can be associated with nested comments. NOTE: the default configuration in 1.908 mitigates this vulnerability but misparses certain realistic comments."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://forum.bestpractical.com/t/security-vulnerabilities-in-rt-2017-06-15/32016",
+ "refsource": "CONFIRM",
+ "url": "https://forum.bestpractical.com/t/security-vulnerabilities-in-rt-2017-06-15/32016"
+ },
+ {
+ "name": "[oss-security] 20151002 Re: DoS attack through Email-Address perl module v1.907 (CVE id request)",
+ "refsource": "MLIST",
+ "url": "http://www.openwall.com/lists/oss-security/2015/10/02/13"
+ },
+ {
+ "name": "[oss-security] 20150927 DoS attack through Email-Address perl module v1.907 (CVE id request)",
+ "refsource": "MLIST",
+ "url": "http://www.openwall.com/lists/oss-security/2015/09/27/1"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/7xxx/CVE-2015-7807.json b/2015/7xxx/CVE-2015-7807.json
index 527855b037e..47c5f8daa6b 100644
--- a/2015/7xxx/CVE-2015-7807.json
+++ b/2015/7xxx/CVE-2015-7807.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-7807",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2015-7807",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/7xxx/CVE-2015-7839.json b/2015/7xxx/CVE-2015-7839.json
index 8f17d34c925..dbec23daa41 100644
--- a/2015/7xxx/CVE-2015-7839.json
+++ b/2015/7xxx/CVE-2015-7839.json
@@ -1,62 +1,62 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-7839",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "SolarWinds Log and Event Manager (LEM) allows remote attackers to execute arbitrary commands on managed computers via a request to services/messagebroker/nonsecurestreamingamf involving the traceroute functionality."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2015-7839",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-461",
- "refsource" : "MISC",
- "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-461"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "SolarWinds Log and Event Manager (LEM) allows remote attackers to execute arbitrary commands on managed computers via a request to services/messagebroker/nonsecurestreamingamf involving the traceroute functionality."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-461",
+ "refsource": "MISC",
+ "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-461"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/8xxx/CVE-2015-8392.json b/2015/8xxx/CVE-2015-8392.json
index 1cb60d97bc1..369fb7e8c58 100644
--- a/2015/8xxx/CVE-2015-8392.json
+++ b/2015/8xxx/CVE-2015-8392.json
@@ -1,87 +1,87 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-8392",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to cause a denial of service (unintended recursion and buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8395."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2015-8392",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "[oss-security] 20151128 Re: Heap Overflow in PCRE",
- "refsource" : "MLIST",
- "url" : "http://www.openwall.com/lists/oss-security/2015/11/29/1"
- },
- {
- "name" : "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup",
- "refsource" : "CONFIRM",
- "url" : "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup"
- },
- {
- "name" : "https://bto.bluecoat.com/security-advisory/sa128",
- "refsource" : "CONFIRM",
- "url" : "https://bto.bluecoat.com/security-advisory/sa128"
- },
- {
- "name" : "GLSA-201607-02",
- "refsource" : "GENTOO",
- "url" : "https://security.gentoo.org/glsa/201607-02"
- },
- {
- "name" : "RHSA-2016:1132",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2016:1132"
- },
- {
- "name" : "RHSA-2016:2750",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to cause a denial of service (unintended recursion and buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to CVE-2015-8384 and CVE-2015-8395."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "[oss-security] 20151128 Re: Heap Overflow in PCRE",
+ "refsource": "MLIST",
+ "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1"
+ },
+ {
+ "name": "RHSA-2016:1132",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2016:1132"
+ },
+ {
+ "name": "RHSA-2016:2750",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html"
+ },
+ {
+ "name": "https://bto.bluecoat.com/security-advisory/sa128",
+ "refsource": "CONFIRM",
+ "url": "https://bto.bluecoat.com/security-advisory/sa128"
+ },
+ {
+ "name": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup",
+ "refsource": "CONFIRM",
+ "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup"
+ },
+ {
+ "name": "GLSA-201607-02",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/201607-02"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/8xxx/CVE-2015-8718.json b/2015/8xxx/CVE-2015-8718.json
index 4853a290005..60682d0331f 100644
--- a/2015/8xxx/CVE-2015-8718.json
+++ b/2015/8xxx/CVE-2015-8718.json
@@ -1,92 +1,92 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-8718",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the \"Match MSG/RES packets for async NLM\" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2015-8718",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.wireshark.org/security/wnpa-sec-2015-37.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.wireshark.org/security/wnpa-sec-2015-37.html"
- },
- {
- "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81dfe6d450ada42d12f20ac26a6d8ae2302df37e",
- "refsource" : "CONFIRM",
- "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81dfe6d450ada42d12f20ac26a6d8ae2302df37e"
- },
- {
- "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
- },
- {
- "name" : "DSA-3505",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2016/dsa-3505"
- },
- {
- "name" : "GLSA-201604-05",
- "refsource" : "GENTOO",
- "url" : "https://security.gentoo.org/glsa/201604-05"
- },
- {
- "name" : "79814",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/79814"
- },
- {
- "name" : "1034551",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1034551"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the \"Match MSG/RES packets for async NLM\" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "DSA-3505",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2016/dsa-3505"
+ },
+ {
+ "name": "http://www.wireshark.org/security/wnpa-sec-2015-37.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.wireshark.org/security/wnpa-sec-2015-37.html"
+ },
+ {
+ "name": "79814",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/79814"
+ },
+ {
+ "name": "GLSA-201604-05",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/201604-05"
+ },
+ {
+ "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html"
+ },
+ {
+ "name": "1034551",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1034551"
+ },
+ {
+ "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81dfe6d450ada42d12f20ac26a6d8ae2302df37e",
+ "refsource": "CONFIRM",
+ "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=81dfe6d450ada42d12f20ac26a6d8ae2302df37e"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2015/8xxx/CVE-2015-8940.json b/2015/8xxx/CVE-2015-8940.json
index 20a5eb237fe..00f29cab671 100644
--- a/2015/8xxx/CVE-2015-8940.json
+++ b/2015/8xxx/CVE-2015-8940.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2015-8940",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Integer overflow in sound/soc/msm/qdsp6v2/q6lsm.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28813987 and Qualcomm internal bug CR792367."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security@android.com",
+ "ID": "CVE-2015-8940",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://source.android.com/security/bulletin/2016-08-01.html",
- "refsource" : "CONFIRM",
- "url" : "http://source.android.com/security/bulletin/2016-08-01.html"
- },
- {
- "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=e13ebd727d161db7003be6756e61283dce85fa3b",
- "refsource" : "CONFIRM",
- "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=e13ebd727d161db7003be6756e61283dce85fa3b"
- },
- {
- "name" : "92219",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/92219"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Integer overflow in sound/soc/msm/qdsp6v2/q6lsm.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28813987 and Qualcomm internal bug CR792367."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://source.android.com/security/bulletin/2016-08-01.html",
+ "refsource": "CONFIRM",
+ "url": "http://source.android.com/security/bulletin/2016-08-01.html"
+ },
+ {
+ "name": "92219",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/92219"
+ },
+ {
+ "name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=e13ebd727d161db7003be6756e61283dce85fa3b",
+ "refsource": "CONFIRM",
+ "url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=e13ebd727d161db7003be6756e61283dce85fa3b"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/0xxx/CVE-2016-0160.json b/2016/0xxx/CVE-2016-0160.json
index 6fbd10b1121..f37e7ce5863 100644
--- a/2016/0xxx/CVE-2016-0160.json
+++ b/2016/0xxx/CVE-2016-0160.json
@@ -1,82 +1,82 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-0160",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Microsoft Internet Explorer 11 mishandles DLL loading, which allows local users to gain privileges via a crafted application, aka \"DLL Loading Remote Code Execution Vulnerability.\""
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secure@microsoft.com",
+ "ID": "CVE-2016-0160",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20160415 Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/538098/100/0/threaded"
- },
- {
- "name" : "20160416 Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability",
- "refsource" : "FULLDISC",
- "url" : "http://seclists.org/fulldisclosure/2016/Apr/61"
- },
- {
- "name" : "http://packetstormsecurity.com/files/136702/Microsoft-Internet-Explorer-11-DLL-Hijacking.html",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.com/files/136702/Microsoft-Internet-Explorer-11-DLL-Hijacking.html"
- },
- {
- "name" : "MS16-037",
- "refsource" : "MS",
- "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037"
- },
- {
- "name" : "1035521",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1035521"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Microsoft Internet Explorer 11 mishandles DLL loading, which allows local users to gain privileges via a crafted application, aka \"DLL Loading Remote Code Execution Vulnerability.\""
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "1035521",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1035521"
+ },
+ {
+ "name": "20160416 Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability",
+ "refsource": "FULLDISC",
+ "url": "http://seclists.org/fulldisclosure/2016/Apr/61"
+ },
+ {
+ "name": "MS16-037",
+ "refsource": "MS",
+ "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037"
+ },
+ {
+ "name": "http://packetstormsecurity.com/files/136702/Microsoft-Internet-Explorer-11-DLL-Hijacking.html",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.com/files/136702/Microsoft-Internet-Explorer-11-DLL-Hijacking.html"
+ },
+ {
+ "name": "20160415 Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/538098/100/0/threaded"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/0xxx/CVE-2016-0235.json b/2016/0xxx/CVE-2016-0235.json
index 1c8f608fd29..996bf3cacf1 100644
--- a/2016/0xxx/CVE-2016-0235.json
+++ b/2016/0xxx/CVE-2016-0235.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "psirt@us.ibm.com",
- "ID" : "CVE-2016-0235",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "IBM Security Guardium Database Activity Monitor 10 allows local users to have unspecified impact by leveraging administrator access to a hardcoded password, related to use on GRUB systems. IBM X-Force ID: 110326."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "psirt@us.ibm.com",
+ "ID": "CVE-2016-0235",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981748",
- "refsource" : "CONFIRM",
- "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21981748"
- },
- {
- "name" : "ibm-guardian-cve20160235-info-disc(110326)",
- "refsource" : "XF",
- "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/110326"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "IBM Security Guardium Database Activity Monitor 10 allows local users to have unspecified impact by leveraging administrator access to a hardcoded password, related to use on GRUB systems. IBM X-Force ID: 110326."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "ibm-guardian-cve20160235-info-disc(110326)",
+ "refsource": "XF",
+ "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/110326"
+ },
+ {
+ "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21981748",
+ "refsource": "CONFIRM",
+ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981748"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/0xxx/CVE-2016-0948.json b/2016/0xxx/CVE-2016-0948.json
index fdecc741adc..56ed77ed867 100644
--- a/2016/0xxx/CVE-2016-0948.json
+++ b/2016/0xxx/CVE-2016-0948.json
@@ -1,67 +1,67 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-0948",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "psirt@adobe.com",
+ "ID": "CVE-2016-0948",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://helpx.adobe.com/security/products/connect/apsb16-07.html",
- "refsource" : "CONFIRM",
- "url" : "https://helpx.adobe.com/security/products/connect/apsb16-07.html"
- },
- {
- "name" : "1034978",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1034978"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Cross-site request forgery (CSRF) vulnerability in Adobe Connect before 9.5.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://helpx.adobe.com/security/products/connect/apsb16-07.html",
+ "refsource": "CONFIRM",
+ "url": "https://helpx.adobe.com/security/products/connect/apsb16-07.html"
+ },
+ {
+ "name": "1034978",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1034978"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/1xxx/CVE-2016-1287.json b/2016/1xxx/CVE-2016-1287.json
index 5f9d4f45d4b..0e2483f9136 100644
--- a/2016/1xxx/CVE-2016-1287.json
+++ b/2016/1xxx/CVE-2016-1287.json
@@ -1,87 +1,87 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-1287",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "psirt@cisco.com",
+ "ID": "CVE-2016-1287",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "39823",
- "refsource" : "EXPLOIT-DB",
- "url" : "https://www.exploit-db.com/exploits/39823/"
- },
- {
- "name" : "http://packetstormsecurity.com/files/137100/Cisco-ASA-Software-IKEv1-IKEv2-Buffer-Overflow.html",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.com/files/137100/Cisco-ASA-Software-IKEv1-IKEv2-Buffer-Overflow.html"
- },
- {
- "name" : "https://blog.exodusintel.com/2016/02/10/firewall-hacking/",
- "refsource" : "MISC",
- "url" : "https://blog.exodusintel.com/2016/02/10/firewall-hacking/"
- },
- {
- "name" : "20160210 Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability",
- "refsource" : "CISCO",
- "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike"
- },
- {
- "name" : "VU#327976",
- "refsource" : "CERT-VN",
- "url" : "https://www.kb.cert.org/vuls/id/327976"
- },
- {
- "name" : "1034997",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1034997"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "20160210 Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability",
+ "refsource": "CISCO",
+ "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike"
+ },
+ {
+ "name": "http://packetstormsecurity.com/files/137100/Cisco-ASA-Software-IKEv1-IKEv2-Buffer-Overflow.html",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.com/files/137100/Cisco-ASA-Software-IKEv1-IKEv2-Buffer-Overflow.html"
+ },
+ {
+ "name": "1034997",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1034997"
+ },
+ {
+ "name": "https://blog.exodusintel.com/2016/02/10/firewall-hacking/",
+ "refsource": "MISC",
+ "url": "https://blog.exodusintel.com/2016/02/10/firewall-hacking/"
+ },
+ {
+ "name": "VU#327976",
+ "refsource": "CERT-VN",
+ "url": "https://www.kb.cert.org/vuls/id/327976"
+ },
+ {
+ "name": "39823",
+ "refsource": "EXPLOIT-DB",
+ "url": "https://www.exploit-db.com/exploits/39823/"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/1xxx/CVE-2016-1701.json b/2016/1xxx/CVE-2016-1701.json
index c47c8430a8d..2a2128b6d33 100644
--- a/2016/1xxx/CVE-2016-1701.json
+++ b/2016/1xxx/CVE-2016-1701.json
@@ -1,102 +1,102 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-1701",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security@google.com",
+ "ID": "CVE-2016-1701",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html",
- "refsource" : "CONFIRM",
- "url" : "http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html"
- },
- {
- "name" : "https://codereview.chromium.org/1960023002",
- "refsource" : "CONFIRM",
- "url" : "https://codereview.chromium.org/1960023002"
- },
- {
- "name" : "https://crbug.com/608101",
- "refsource" : "CONFIRM",
- "url" : "https://crbug.com/608101"
- },
- {
- "name" : "DSA-3594",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2016/dsa-3594"
- },
- {
- "name" : "RHSA-2016:1201",
- "refsource" : "REDHAT",
- "url" : "https://access.redhat.com/errata/RHSA-2016:1201"
- },
- {
- "name" : "SUSE-SU-2016:1490",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00004.html"
- },
- {
- "name" : "openSUSE-SU-2016:1489",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00003.html"
- },
- {
- "name" : "openSUSE-SU-2016:1496",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html"
- },
- {
- "name" : "1036026",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1036026"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "The Autofill implementation in Google Chrome before 51.0.2704.79 mishandles the interaction between field updates and JavaScript code that triggers a frame deletion, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted web site, a different vulnerability than CVE-2016-1690."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://crbug.com/608101",
+ "refsource": "CONFIRM",
+ "url": "https://crbug.com/608101"
+ },
+ {
+ "name": "http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html",
+ "refsource": "CONFIRM",
+ "url": "http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html"
+ },
+ {
+ "name": "RHSA-2016:1201",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2016:1201"
+ },
+ {
+ "name": "1036026",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1036026"
+ },
+ {
+ "name": "openSUSE-SU-2016:1496",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html"
+ },
+ {
+ "name": "DSA-3594",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2016/dsa-3594"
+ },
+ {
+ "name": "https://codereview.chromium.org/1960023002",
+ "refsource": "CONFIRM",
+ "url": "https://codereview.chromium.org/1960023002"
+ },
+ {
+ "name": "SUSE-SU-2016:1490",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00004.html"
+ },
+ {
+ "name": "openSUSE-SU-2016:1489",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00003.html"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/1xxx/CVE-2016-1781.json b/2016/1xxx/CVE-2016-1781.json
index 0ce0cb23b9b..18d44366c1a 100644
--- a/2016/1xxx/CVE-2016-1781.json
+++ b/2016/1xxx/CVE-2016-1781.json
@@ -1,87 +1,87 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-1781",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles attachment URLs, which makes it easier for remote web servers to track users via unspecified vectors."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "product-security@apple.com",
+ "ID": "CVE-2016-1781",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20160331 WebKitGTK+ Security Advisory WSA-2016-0003",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/537948/100/0/threaded"
- },
- {
- "name" : "https://support.apple.com/HT205635",
- "refsource" : "CONFIRM",
- "url" : "https://support.apple.com/HT205635"
- },
- {
- "name" : "https://support.apple.com/HT205639",
- "refsource" : "CONFIRM",
- "url" : "https://support.apple.com/HT205639"
- },
- {
- "name" : "APPLE-SA-2015-12-08-1",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
- },
- {
- "name" : "APPLE-SA-2015-12-08-5",
- "refsource" : "APPLE",
- "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00003.html"
- },
- {
- "name" : "1035353",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1035353"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles attachment URLs, which makes it easier for remote web servers to track users via unspecified vectors."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://support.apple.com/HT205635",
+ "refsource": "CONFIRM",
+ "url": "https://support.apple.com/HT205635"
+ },
+ {
+ "name": "1035353",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1035353"
+ },
+ {
+ "name": "20160331 WebKitGTK+ Security Advisory WSA-2016-0003",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/537948/100/0/threaded"
+ },
+ {
+ "name": "APPLE-SA-2015-12-08-5",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00003.html"
+ },
+ {
+ "name": "APPLE-SA-2015-12-08-1",
+ "refsource": "APPLE",
+ "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html"
+ },
+ {
+ "name": "https://support.apple.com/HT205639",
+ "refsource": "CONFIRM",
+ "url": "https://support.apple.com/HT205639"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/1xxx/CVE-2016-1962.json b/2016/1xxx/CVE-2016-1962.json
index 6617ea7581e..8e0df4d1b89 100644
--- a/2016/1xxx/CVE-2016-1962.json
+++ b/2016/1xxx/CVE-2016-1962.json
@@ -1,147 +1,147 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-1962",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security@mozilla.org",
+ "ID": "CVE-2016-1962",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://www.mozilla.org/security/announce/2016/mfsa2016-25.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.mozilla.org/security/announce/2016/mfsa2016-25.html"
- },
- {
- "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1240760",
- "refsource" : "CONFIRM",
- "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1240760"
- },
- {
- "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
- "refsource" : "CONFIRM",
- "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
- },
- {
- "name" : "DSA-3510",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2016/dsa-3510"
- },
- {
- "name" : "DSA-3520",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2016/dsa-3520"
- },
- {
- "name" : "GLSA-201605-06",
- "refsource" : "GENTOO",
- "url" : "https://security.gentoo.org/glsa/201605-06"
- },
- {
- "name" : "openSUSE-SU-2016:0894",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"
- },
- {
- "name" : "SUSE-SU-2016:0909",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"
- },
- {
- "name" : "SUSE-SU-2016:0727",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"
- },
- {
- "name" : "SUSE-SU-2016:0777",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"
- },
- {
- "name" : "openSUSE-SU-2016:0731",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"
- },
- {
- "name" : "openSUSE-SU-2016:0733",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"
- },
- {
- "name" : "SUSE-SU-2016:0820",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"
- },
- {
- "name" : "openSUSE-SU-2016:0876",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"
- },
- {
- "name" : "USN-2917-2",
- "refsource" : "UBUNTU",
- "url" : "http://www.ubuntu.com/usn/USN-2917-2"
- },
- {
- "name" : "USN-2917-3",
- "refsource" : "UBUNTU",
- "url" : "http://www.ubuntu.com/usn/USN-2917-3"
- },
- {
- "name" : "USN-2917-1",
- "refsource" : "UBUNTU",
- "url" : "http://www.ubuntu.com/usn/USN-2917-1"
- },
- {
- "name" : "1035215",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1035215"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "openSUSE-SU-2016:0894",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00091.html"
+ },
+ {
+ "name": "SUSE-SU-2016:0820",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00068.html"
+ },
+ {
+ "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
+ },
+ {
+ "name": "openSUSE-SU-2016:0731",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00029.html"
+ },
+ {
+ "name": "SUSE-SU-2016:0727",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00027.html"
+ },
+ {
+ "name": "openSUSE-SU-2016:0876",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00089.html"
+ },
+ {
+ "name": "USN-2917-1",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/USN-2917-1"
+ },
+ {
+ "name": "DSA-3520",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2016/dsa-3520"
+ },
+ {
+ "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1240760",
+ "refsource": "CONFIRM",
+ "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1240760"
+ },
+ {
+ "name": "SUSE-SU-2016:0909",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00093.html"
+ },
+ {
+ "name": "http://www.mozilla.org/security/announce/2016/mfsa2016-25.html",
+ "refsource": "CONFIRM",
+ "url": "http://www.mozilla.org/security/announce/2016/mfsa2016-25.html"
+ },
+ {
+ "name": "DSA-3510",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2016/dsa-3510"
+ },
+ {
+ "name": "openSUSE-SU-2016:0733",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00031.html"
+ },
+ {
+ "name": "1035215",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1035215"
+ },
+ {
+ "name": "SUSE-SU-2016:0777",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00050.html"
+ },
+ {
+ "name": "GLSA-201605-06",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/201605-06"
+ },
+ {
+ "name": "USN-2917-2",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/USN-2917-2"
+ },
+ {
+ "name": "USN-2917-3",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/USN-2917-3"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/5xxx/CVE-2016-5135.json b/2016/5xxx/CVE-2016-5135.json
index ff8920eec3e..37d2d0c5dac 100644
--- a/2016/5xxx/CVE-2016-5135.json
+++ b/2016/5xxx/CVE-2016-5135.json
@@ -1,122 +1,122 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-5135",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted web site, as demonstrated by a \"Content-Security-Policy: referrer origin-when-cross-origin\" header that overrides a \"\" element."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "security@google.com",
+ "ID": "CVE-2016-5135",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html",
- "refsource" : "CONFIRM",
- "url" : "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html"
- },
- {
- "name" : "https://codereview.chromium.org/1913983002",
- "refsource" : "CONFIRM",
- "url" : "https://codereview.chromium.org/1913983002"
- },
- {
- "name" : "https://crbug.com/605451",
- "refsource" : "CONFIRM",
- "url" : "https://crbug.com/605451"
- },
- {
- "name" : "DSA-3637",
- "refsource" : "DEBIAN",
- "url" : "http://www.debian.org/security/2016/dsa-3637"
- },
- {
- "name" : "GLSA-201610-09",
- "refsource" : "GENTOO",
- "url" : "https://security.gentoo.org/glsa/201610-09"
- },
- {
- "name" : "RHSA-2016:1485",
- "refsource" : "REDHAT",
- "url" : "http://rhn.redhat.com/errata/RHSA-2016-1485.html"
- },
- {
- "name" : "openSUSE-SU-2016:1865",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html"
- },
- {
- "name" : "openSUSE-SU-2016:1868",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html"
- },
- {
- "name" : "openSUSE-SU-2016:1869",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html"
- },
- {
- "name" : "openSUSE-SU-2016:1918",
- "refsource" : "SUSE",
- "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html"
- },
- {
- "name" : "USN-3041-1",
- "refsource" : "UBUNTU",
- "url" : "http://www.ubuntu.com/usn/USN-3041-1"
- },
- {
- "name" : "92053",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/92053"
- },
- {
- "name" : "1036428",
- "refsource" : "SECTRACK",
- "url" : "http://www.securitytracker.com/id/1036428"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "WebKit/Source/core/html/parser/HTMLPreloadScanner.cpp in Blink, as used in Google Chrome before 52.0.2743.82, does not consider referrer-policy information inside an HTML document during a preload request, which allows remote attackers to bypass the Content Security Policy (CSP) protection mechanism via a crafted web site, as demonstrated by a \"Content-Security-Policy: referrer origin-when-cross-origin\" header that overrides a \"\" element."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "openSUSE-SU-2016:1868",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html"
+ },
+ {
+ "name": "https://crbug.com/605451",
+ "refsource": "CONFIRM",
+ "url": "https://crbug.com/605451"
+ },
+ {
+ "name": "openSUSE-SU-2016:1869",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html"
+ },
+ {
+ "name": "92053",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/92053"
+ },
+ {
+ "name": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html",
+ "refsource": "CONFIRM",
+ "url": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html"
+ },
+ {
+ "name": "https://codereview.chromium.org/1913983002",
+ "refsource": "CONFIRM",
+ "url": "https://codereview.chromium.org/1913983002"
+ },
+ {
+ "name": "USN-3041-1",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/USN-3041-1"
+ },
+ {
+ "name": "openSUSE-SU-2016:1918",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html"
+ },
+ {
+ "name": "GLSA-201610-09",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/201610-09"
+ },
+ {
+ "name": "openSUSE-SU-2016:1865",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html"
+ },
+ {
+ "name": "RHSA-2016:1485",
+ "refsource": "REDHAT",
+ "url": "http://rhn.redhat.com/errata/RHSA-2016-1485.html"
+ },
+ {
+ "name": "1036428",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1036428"
+ },
+ {
+ "name": "DSA-3637",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2016/dsa-3637"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/5xxx/CVE-2016-5672.json b/2016/5xxx/CVE-2016-5672.json
index 824daa408f0..ff0ca716a3e 100644
--- a/2016/5xxx/CVE-2016-5672.json
+++ b/2016/5xxx/CVE-2016-5672.json
@@ -1,97 +1,97 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cert@cert.org",
- "ID" : "CVE-2016-5672",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Intel Crosswalk before 19.49.514.5, 20.x before 20.50.533.11, 21.x before 21.51.546.0, and 22.x before 22.51.549.0 interprets a user's acceptance of one invalid X.509 certificate to mean that all invalid X.509 certificates should be accepted without prompting, which makes it easier for man-in-the-middle attackers to spoof SSL servers and obtain sensitive information via a crafted certificate."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cert@cert.org",
+ "ID": "CVE-2016-5672",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "20160729 CVE-2016-5672: Intel Crosswalk SSL Prompt Issue",
- "refsource" : "BUGTRAQ",
- "url" : "http://www.securityfocus.com/archive/1/539051/100/0/threaded"
- },
- {
- "name" : "[crosswalk-help] 20160728 Crosswalk Security Advisory",
- "refsource" : "MLIST",
- "url" : "https://lists.crosswalk-project.org/pipermail/crosswalk-help/2016-July/002167.html"
- },
- {
- "name" : "https://crosswalk-project.org/jira/browse/XWALK-6986",
- "refsource" : "MISC",
- "url" : "https://crosswalk-project.org/jira/browse/XWALK-6986"
- },
- {
- "name" : "https://wwws.nightwatchcybersecurity.com/2016/07/29/advisory-intel-crosswalk-ssl-prompt-issue",
- "refsource" : "MISC",
- "url" : "https://wwws.nightwatchcybersecurity.com/2016/07/29/advisory-intel-crosswalk-ssl-prompt-issue"
- },
- {
- "name" : "http://packetstormsecurity.com/files/138107/Intel-Crosswalk-Project-Man-In-The-Middle.html",
- "refsource" : "MISC",
- "url" : "http://packetstormsecurity.com/files/138107/Intel-Crosswalk-Project-Man-In-The-Middle.html"
- },
- {
- "name" : "https://blogs.intel.com/evangelists/2016/07/28/crosswalk-security-vulnerability/",
- "refsource" : "CONFIRM",
- "url" : "https://blogs.intel.com/evangelists/2016/07/28/crosswalk-security-vulnerability/"
- },
- {
- "name" : "VU#217871",
- "refsource" : "CERT-VN",
- "url" : "http://www.kb.cert.org/vuls/id/217871"
- },
- {
- "name" : "92199",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/92199"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Intel Crosswalk before 19.49.514.5, 20.x before 20.50.533.11, 21.x before 21.51.546.0, and 22.x before 22.51.549.0 interprets a user's acceptance of one invalid X.509 certificate to mean that all invalid X.509 certificates should be accepted without prompting, which makes it easier for man-in-the-middle attackers to spoof SSL servers and obtain sensitive information via a crafted certificate."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://blogs.intel.com/evangelists/2016/07/28/crosswalk-security-vulnerability/",
+ "refsource": "CONFIRM",
+ "url": "https://blogs.intel.com/evangelists/2016/07/28/crosswalk-security-vulnerability/"
+ },
+ {
+ "name": "92199",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/92199"
+ },
+ {
+ "name": "https://wwws.nightwatchcybersecurity.com/2016/07/29/advisory-intel-crosswalk-ssl-prompt-issue",
+ "refsource": "MISC",
+ "url": "https://wwws.nightwatchcybersecurity.com/2016/07/29/advisory-intel-crosswalk-ssl-prompt-issue"
+ },
+ {
+ "name": "https://crosswalk-project.org/jira/browse/XWALK-6986",
+ "refsource": "MISC",
+ "url": "https://crosswalk-project.org/jira/browse/XWALK-6986"
+ },
+ {
+ "name": "http://packetstormsecurity.com/files/138107/Intel-Crosswalk-Project-Man-In-The-Middle.html",
+ "refsource": "MISC",
+ "url": "http://packetstormsecurity.com/files/138107/Intel-Crosswalk-Project-Man-In-The-Middle.html"
+ },
+ {
+ "name": "[crosswalk-help] 20160728 Crosswalk Security Advisory",
+ "refsource": "MLIST",
+ "url": "https://lists.crosswalk-project.org/pipermail/crosswalk-help/2016-July/002167.html"
+ },
+ {
+ "name": "20160729 CVE-2016-5672: Intel Crosswalk SSL Prompt Issue",
+ "refsource": "BUGTRAQ",
+ "url": "http://www.securityfocus.com/archive/1/539051/100/0/threaded"
+ },
+ {
+ "name": "VU#217871",
+ "refsource": "CERT-VN",
+ "url": "http://www.kb.cert.org/vuls/id/217871"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/5xxx/CVE-2016-5792.json b/2016/5xxx/CVE-2016-5792.json
index dd3274213be..c367bda96b7 100644
--- a/2016/5xxx/CVE-2016-5792.json
+++ b/2016/5xxx/CVE-2016-5792.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-5792",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "ics-cert@hq.dhs.gov",
+ "ID": "CVE-2016-5792",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-215-01",
- "refsource" : "MISC",
- "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-215-01"
- },
- {
- "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-463",
- "refsource" : "MISC",
- "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-463"
- },
- {
- "name" : "92262",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/92262"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "SQL injection vulnerability in Moxa SoftCMS before 1.5 allows remote attackers to execute arbitrary SQL commands via unspecified fields."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-463",
+ "refsource": "MISC",
+ "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-463"
+ },
+ {
+ "name": "92262",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/92262"
+ },
+ {
+ "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-215-01",
+ "refsource": "MISC",
+ "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-215-01"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2016/5xxx/CVE-2016-5983.json b/2016/5xxx/CVE-2016-5983.json
index 080af565462..8d0b590a394 100644
--- a/2016/5xxx/CVE-2016-5983.json
+++ b/2016/5xxx/CVE-2016-5983.json
@@ -1,72 +1,72 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2016-5983",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.11, 9.0 before 9.0.0.2, and Liberty before 16.0.0.4 allows remote authenticated users to execute arbitrary Java code via a crafted serialized object."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "psirt@us.ibm.com",
+ "ID": "CVE-2016-5983",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://www-01.ibm.com/support/docview.wss?uid=swg21990060",
- "refsource" : "CONFIRM",
- "url" : "https://www-01.ibm.com/support/docview.wss?uid=swg21990060"
- },
- {
- "name" : "PI62375",
- "refsource" : "AIXAPAR",
- "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI62375"
- },
- {
- "name" : "93162",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/93162"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.43, 8.0 before 8.0.0.13, 8.5 before 8.5.5.11, 9.0 before 9.0.0.2, and Liberty before 16.0.0.4 allows remote authenticated users to execute arbitrary Java code via a crafted serialized object."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://www-01.ibm.com/support/docview.wss?uid=swg21990060",
+ "refsource": "CONFIRM",
+ "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21990060"
+ },
+ {
+ "name": "PI62375",
+ "refsource": "AIXAPAR",
+ "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI62375"
+ },
+ {
+ "name": "93162",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/93162"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/0xxx/CVE-2019-0635.json b/2019/0xxx/CVE-2019-0635.json
index e106fc2d080..b590f99a0a3 100644
--- a/2019/0xxx/CVE-2019-0635.json
+++ b/2019/0xxx/CVE-2019-0635.json
@@ -1,137 +1,137 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "secure@microsoft.com",
- "ID" : "CVE-2019-0635",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "Windows",
- "version" : {
- "version_data" : [
- {
- "version_value" : "7 for x64-based Systems Service Pack 1"
- },
- {
- "version_value" : "8.1 for x64-based systems"
- },
- {
- "version_value" : "10 for x64-based Systems"
- },
- {
- "version_value" : "10 Version 1607 for x64-based Systems"
- },
- {
- "version_value" : "10 Version 1703 for x64-based Systems"
- },
- {
- "version_value" : "10 Version 1709 for x64-based Systems"
- },
- {
- "version_value" : "10 Version 1803 for x64-based Systems"
- },
- {
- "version_value" : "10 Version 1809 for x64-based Systems"
- }
- ]
- }
- },
- {
- "product_name" : "Windows Server",
- "version" : {
- "version_data" : [
- {
- "version_value" : "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
- },
- {
- "version_value" : "2008 R2 for x64-based Systems Service Pack 1"
- },
- {
- "version_value" : "2012"
- },
- {
- "version_value" : "2012 (Core installation)"
- },
- {
- "version_value" : "2012 R2"
- },
- {
- "version_value" : "2012 R2 (Core installation)"
- },
- {
- "version_value" : "2016"
- },
- {
- "version_value" : "2016 (Core installation)"
- },
- {
- "version_value" : "version 1709 (Core Installation)"
- },
- {
- "version_value" : "version 1803 (Core Installation)"
- },
- {
- "version_value" : "2019"
- },
- {
- "version_value" : "2019 (Core installation)"
- },
- {
- "version_value" : "2008 for x64-based Systems Service Pack 2"
- },
- {
- "version_value" : "2008 for x64-based Systems Service Pack 2 (Core installation)"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "Microsoft"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "Information Disclosure"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "secure@microsoft.com",
+ "ID": "CVE-2019-0635",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Windows",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "7 for x64-based Systems Service Pack 1"
+ },
+ {
+ "version_value": "8.1 for x64-based systems"
+ },
+ {
+ "version_value": "10 for x64-based Systems"
+ },
+ {
+ "version_value": "10 Version 1607 for x64-based Systems"
+ },
+ {
+ "version_value": "10 Version 1703 for x64-based Systems"
+ },
+ {
+ "version_value": "10 Version 1709 for x64-based Systems"
+ },
+ {
+ "version_value": "10 Version 1803 for x64-based Systems"
+ },
+ {
+ "version_value": "10 Version 1809 for x64-based Systems"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Windows Server",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "2008 R2 for x64-based Systems Service Pack 1 (Core installation)"
+ },
+ {
+ "version_value": "2008 R2 for x64-based Systems Service Pack 1"
+ },
+ {
+ "version_value": "2012"
+ },
+ {
+ "version_value": "2012 (Core installation)"
+ },
+ {
+ "version_value": "2012 R2"
+ },
+ {
+ "version_value": "2012 R2 (Core installation)"
+ },
+ {
+ "version_value": "2016"
+ },
+ {
+ "version_value": "2016 (Core installation)"
+ },
+ {
+ "version_value": "version 1709 (Core Installation)"
+ },
+ {
+ "version_value": "version 1803 (Core Installation)"
+ },
+ {
+ "version_value": "2019"
+ },
+ {
+ "version_value": "2019 (Core installation)"
+ },
+ {
+ "version_value": "2008 for x64-based Systems Service Pack 2"
+ },
+ {
+ "version_value": "2008 for x64-based Systems Service Pack 2 (Core installation)"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Microsoft"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0635",
- "refsource" : "CONFIRM",
- "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0635"
- },
- {
- "name" : "106884",
- "refsource" : "BID",
- "url" : "http://www.securityfocus.com/bid/106884"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Information Disclosure"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0635",
+ "refsource": "CONFIRM",
+ "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0635"
+ },
+ {
+ "name": "106884",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/106884"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/0xxx/CVE-2019-0753.json b/2019/0xxx/CVE-2019-0753.json
index 4690438234c..f4fef165de9 100644
--- a/2019/0xxx/CVE-2019-0753.json
+++ b/2019/0xxx/CVE-2019-0753.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-0753",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-0753",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/0xxx/CVE-2019-0931.json b/2019/0xxx/CVE-2019-0931.json
index 1a9f1670b63..5306b5fe14a 100644
--- a/2019/0xxx/CVE-2019-0931.json
+++ b/2019/0xxx/CVE-2019-0931.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-0931",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-0931",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/0xxx/CVE-2019-0935.json b/2019/0xxx/CVE-2019-0935.json
index bd961ad0b50..25078ea8e16 100644
--- a/2019/0xxx/CVE-2019-0935.json
+++ b/2019/0xxx/CVE-2019-0935.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-0935",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-0935",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/1xxx/CVE-2019-1229.json b/2019/1xxx/CVE-2019-1229.json
index 0583222a7f0..0d62c750b51 100644
--- a/2019/1xxx/CVE-2019-1229.json
+++ b/2019/1xxx/CVE-2019-1229.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-1229",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-1229",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/1xxx/CVE-2019-1505.json b/2019/1xxx/CVE-2019-1505.json
index 299cca0b1c2..4e0c79490d8 100644
--- a/2019/1xxx/CVE-2019-1505.json
+++ b/2019/1xxx/CVE-2019-1505.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-1505",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-1505",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/1xxx/CVE-2019-1519.json b/2019/1xxx/CVE-2019-1519.json
index dc7f8923d1b..dc2c2a0bc22 100644
--- a/2019/1xxx/CVE-2019-1519.json
+++ b/2019/1xxx/CVE-2019-1519.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-1519",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-1519",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/1xxx/CVE-2019-1848.json b/2019/1xxx/CVE-2019-1848.json
index c115a2a24ea..e753a9fb294 100644
--- a/2019/1xxx/CVE-2019-1848.json
+++ b/2019/1xxx/CVE-2019-1848.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-1848",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-1848",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/3xxx/CVE-2019-3247.json b/2019/3xxx/CVE-2019-3247.json
index ef58b6c6bac..5b7a1e5aa8a 100644
--- a/2019/3xxx/CVE-2019-3247.json
+++ b/2019/3xxx/CVE-2019-3247.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-3247",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-3247",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/4xxx/CVE-2019-4388.json b/2019/4xxx/CVE-2019-4388.json
index 9d478a5a7f8..a6c330b6d53 100644
--- a/2019/4xxx/CVE-2019-4388.json
+++ b/2019/4xxx/CVE-2019-4388.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-4388",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-4388",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/4xxx/CVE-2019-4471.json b/2019/4xxx/CVE-2019-4471.json
index 9f06fc7e0bb..c375e7ac7d8 100644
--- a/2019/4xxx/CVE-2019-4471.json
+++ b/2019/4xxx/CVE-2019-4471.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-4471",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-4471",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/4xxx/CVE-2019-4697.json b/2019/4xxx/CVE-2019-4697.json
index b561fb78075..4b29faaa98a 100644
--- a/2019/4xxx/CVE-2019-4697.json
+++ b/2019/4xxx/CVE-2019-4697.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-4697",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-4697",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/4xxx/CVE-2019-4744.json b/2019/4xxx/CVE-2019-4744.json
index f5066f0b96e..5336919bdb5 100644
--- a/2019/4xxx/CVE-2019-4744.json
+++ b/2019/4xxx/CVE-2019-4744.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-4744",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-4744",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/5xxx/CVE-2019-5016.json b/2019/5xxx/CVE-2019-5016.json
index 0c0e4072e97..78e57cd9524 100644
--- a/2019/5xxx/CVE-2019-5016.json
+++ b/2019/5xxx/CVE-2019-5016.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-5016",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-5016",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/5xxx/CVE-2019-5118.json b/2019/5xxx/CVE-2019-5118.json
index 1e64bc55944..1e7509825c6 100644
--- a/2019/5xxx/CVE-2019-5118.json
+++ b/2019/5xxx/CVE-2019-5118.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-5118",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-5118",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/8xxx/CVE-2019-8300.json b/2019/8xxx/CVE-2019-8300.json
index 22f0392fc18..982d69ab3a2 100644
--- a/2019/8xxx/CVE-2019-8300.json
+++ b/2019/8xxx/CVE-2019-8300.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-8300",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-8300",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/8xxx/CVE-2019-8451.json b/2019/8xxx/CVE-2019-8451.json
index 4cd67a749ed..4e463fb3040 100644
--- a/2019/8xxx/CVE-2019-8451.json
+++ b/2019/8xxx/CVE-2019-8451.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-8451",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-8451",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/8xxx/CVE-2019-8520.json b/2019/8xxx/CVE-2019-8520.json
index ec95d9f7749..bd3e2dd6272 100644
--- a/2019/8xxx/CVE-2019-8520.json
+++ b/2019/8xxx/CVE-2019-8520.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-8520",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-8520",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/8xxx/CVE-2019-8576.json b/2019/8xxx/CVE-2019-8576.json
index 202406f5e25..ffcc951e350 100644
--- a/2019/8xxx/CVE-2019-8576.json
+++ b/2019/8xxx/CVE-2019-8576.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-8576",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-8576",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/8xxx/CVE-2019-8969.json b/2019/8xxx/CVE-2019-8969.json
index 606328cfc7c..cfadee748e5 100644
--- a/2019/8xxx/CVE-2019-8969.json
+++ b/2019/8xxx/CVE-2019-8969.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-8969",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-8969",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/9xxx/CVE-2019-9429.json b/2019/9xxx/CVE-2019-9429.json
index 6e8aafd6999..1352428a82b 100644
--- a/2019/9xxx/CVE-2019-9429.json
+++ b/2019/9xxx/CVE-2019-9429.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-9429",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-9429",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/9xxx/CVE-2019-9555.json b/2019/9xxx/CVE-2019-9555.json
index 91303c31a96..80bb0e677de 100644
--- a/2019/9xxx/CVE-2019-9555.json
+++ b/2019/9xxx/CVE-2019-9555.json
@@ -1,62 +1,62 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-9555",
- "STATE" : "PUBLIC"
- },
- "affects" : {
- "vendor" : {
- "vendor_data" : [
- {
- "product" : {
- "product_data" : [
- {
- "product_name" : "n/a",
- "version" : {
- "version_data" : [
- {
- "version_value" : "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name" : "n/a"
- }
- ]
- }
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small."
- }
- ]
- },
- "problemtype" : {
- "problemtype_data" : [
- {
- "description" : [
- {
- "lang" : "eng",
- "value" : "n/a"
- }
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-9555",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
]
- }
- ]
- },
- "references" : {
- "reference_data" : [
- {
- "name" : "https://seclists.org/fulldisclosure/2019/Mar/12",
- "refsource" : "MISC",
- "url" : "https://seclists.org/fulldisclosure/2019/Mar/12"
- }
- ]
- }
-}
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://seclists.org/fulldisclosure/2019/Mar/12",
+ "refsource": "MISC",
+ "url": "https://seclists.org/fulldisclosure/2019/Mar/12"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2019/9xxx/CVE-2019-9621.json b/2019/9xxx/CVE-2019-9621.json
index cec27fc1b36..f0fb50aed3f 100644
--- a/2019/9xxx/CVE-2019-9621.json
+++ b/2019/9xxx/CVE-2019-9621.json
@@ -1,18 +1,18 @@
{
- "CVE_data_meta" : {
- "ASSIGNER" : "cve@mitre.org",
- "ID" : "CVE-2019-9621",
- "STATE" : "RESERVED"
- },
- "data_format" : "MITRE",
- "data_type" : "CVE",
- "data_version" : "4.0",
- "description" : {
- "description_data" : [
- {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
- }
- ]
- }
-}
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2019-9621",
+ "STATE": "RESERVED"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file