From cd7190b210e25533044eedce613e6d65d5f833f4 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 00:28:57 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0109.json | 120 ++++++------ 1999/0xxx/CVE-1999-0992.json | 120 ++++++------ 2007/0xxx/CVE-2007-0011.json | 200 +++++++++---------- 2007/0xxx/CVE-2007-0320.json | 190 +++++++++--------- 2007/0xxx/CVE-2007-0670.json | 220 ++++++++++----------- 2007/0xxx/CVE-2007-0749.json | 200 +++++++++---------- 2007/0xxx/CVE-2007-0941.json | 34 ++-- 2007/0xxx/CVE-2007-0960.json | 210 ++++++++++---------- 2007/1xxx/CVE-2007-1053.json | 150 +++++++------- 2007/1xxx/CVE-2007-1078.json | 180 ++++++++--------- 2007/1xxx/CVE-2007-1472.json | 200 +++++++++---------- 2007/1xxx/CVE-2007-1786.json | 170 ++++++++-------- 2007/5xxx/CVE-2007-5093.json | 330 +++++++++++++++---------------- 2007/5xxx/CVE-2007-5289.json | 190 +++++++++--------- 2007/5xxx/CVE-2007-5830.json | 150 +++++++------- 2007/5xxx/CVE-2007-5936.json | 370 +++++++++++++++++------------------ 2015/3xxx/CVE-2015-3802.json | 170 ++++++++-------- 2015/3xxx/CVE-2015-3831.json | 130 ++++++------ 2015/6xxx/CVE-2015-6053.json | 140 ++++++------- 2015/7xxx/CVE-2015-7331.json | 130 ++++++------ 2015/7xxx/CVE-2015-7787.json | 140 ++++++------- 2015/7xxx/CVE-2015-7906.json | 120 ++++++------ 2015/8xxx/CVE-2015-8006.json | 140 ++++++------- 2015/8xxx/CVE-2015-8235.json | 150 +++++++------- 2015/8xxx/CVE-2015-8477.json | 160 +++++++-------- 2015/8xxx/CVE-2015-8481.json | 140 ++++++------- 2015/8xxx/CVE-2015-8658.json | 140 ++++++------- 2015/8xxx/CVE-2015-8684.json | 130 ++++++------ 2016/0xxx/CVE-2016-0589.json | 130 ++++++------ 2016/0xxx/CVE-2016-0750.json | 202 +++++++++---------- 2016/0xxx/CVE-2016-0901.json | 140 ++++++------- 2016/0xxx/CVE-2016-0961.json | 190 +++++++++--------- 2016/1xxx/CVE-2016-1082.json | 130 ++++++------ 2016/1xxx/CVE-2016-1397.json | 130 ++++++------ 2016/1xxx/CVE-2016-1547.json | 254 ++++++++++++------------ 2016/5xxx/CVE-2016-5348.json | 182 ++++++++--------- 2016/5xxx/CVE-2016-5354.json | 180 ++++++++--------- 2016/5xxx/CVE-2016-5447.json | 150 +++++++------- 2016/5xxx/CVE-2016-5537.json | 180 ++++++++--------- 2019/0xxx/CVE-2019-0091.json | 34 ++-- 2019/0xxx/CVE-2019-0521.json | 34 ++-- 2019/0xxx/CVE-2019-0656.json | 294 ++++++++++++++-------------- 2019/1xxx/CVE-2019-1243.json | 34 ++-- 2019/1xxx/CVE-2019-1353.json | 34 ++-- 2019/1xxx/CVE-2019-1565.json | 132 ++++++------- 2019/1xxx/CVE-2019-1859.json | 34 ++-- 2019/1xxx/CVE-2019-1995.json | 132 ++++++------- 2019/4xxx/CVE-2019-4323.json | 34 ++-- 2019/4xxx/CVE-2019-4604.json | 34 ++-- 2019/4xxx/CVE-2019-4618.json | 34 ++-- 2019/4xxx/CVE-2019-4811.json | 34 ++-- 2019/5xxx/CVE-2019-5520.json | 34 ++-- 2019/5xxx/CVE-2019-5563.json | 34 ++-- 2019/5xxx/CVE-2019-5904.json | 34 ++-- 2019/5xxx/CVE-2019-5992.json | 34 ++-- 2019/8xxx/CVE-2019-8173.json | 34 ++-- 2019/8xxx/CVE-2019-8509.json | 34 ++-- 2019/8xxx/CVE-2019-8663.json | 34 ++-- 2019/9xxx/CVE-2019-9052.json | 120 ++++++------ 2019/9xxx/CVE-2019-9098.json | 34 ++-- 2019/9xxx/CVE-2019-9250.json | 34 ++-- 2019/9xxx/CVE-2019-9424.json | 34 ++-- 62 files changed, 3958 insertions(+), 3958 deletions(-) diff --git a/1999/0xxx/CVE-1999-0109.json b/1999/0xxx/CVE-1999-0109.json index f1222922c99..5d19b572345 100644 --- a/1999/0xxx/CVE-1999-0109.json +++ b/1999/0xxx/CVE-1999-0109.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0109", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in ffbconfig in Solaris 2.5.1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0109", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "00140", - "refsource" : "SUN", - "url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/140" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in ffbconfig in Solaris 2.5.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "00140", + "refsource": "SUN", + "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/140" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0992.json b/1999/0xxx/CVE-1999-0992.json index 6a4c7b66ef0..16798384247 100644 --- a/1999/0xxx/CVE-1999-0992.json +++ b/1999/0xxx/CVE-1999-0992.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0992", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0992", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBUX9912-107", - "refsource" : "HP", - "url" : "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9912-107" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBUX9912-107", + "refsource": "HP", + "url": "http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX9912-107" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0011.json b/2007/0xxx/CVE-2007-0011.json index ecad3ce1e9d..7c55879cab6 100644 --- a/2007/0xxx/CVE-2007-0011.json +++ b/2007/0xxx/CVE-2007-0011.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0011", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web portal interface in Citrix Access Gateway (aka Citrix Advanced Access Control) before Advanced Edition 4.5 HF1 places a session ID in the URL, which allows context-dependent attackers to hijack sessions by reading \"residual information\", including the a referer log, browser history, or browser cache." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0011", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071022 Corsaire Security Advisory - Citrix Access Gateway session ID disclosure issue", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482626/100/100/threaded" - }, - { - "name" : "http://support.citrix.com/article/CTX112803", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX112803" - }, - { - "name" : "http://support.citrix.com/article/CTX113814", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX113814" - }, - { - "name" : "24975", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24975" - }, - { - "name" : "ADV-2007-2583", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2583" - }, - { - "name" : "45288", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45288" - }, - { - "name" : "1018435", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018435" - }, - { - "name" : "26143", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26143" - }, - { - "name" : "citrix-access-unspeci-information-disclosure(35510)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35510" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web portal interface in Citrix Access Gateway (aka Citrix Advanced Access Control) before Advanced Edition 4.5 HF1 places a session ID in the URL, which allows context-dependent attackers to hijack sessions by reading \"residual information\", including the a referer log, browser history, or browser cache." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-2583", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2583" + }, + { + "name": "26143", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26143" + }, + { + "name": "24975", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24975" + }, + { + "name": "45288", + "refsource": "OSVDB", + "url": "http://osvdb.org/45288" + }, + { + "name": "1018435", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018435" + }, + { + "name": "citrix-access-unspeci-information-disclosure(35510)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35510" + }, + { + "name": "http://support.citrix.com/article/CTX112803", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX112803" + }, + { + "name": "20071022 Corsaire Security Advisory - Citrix Access Gateway session ID disclosure issue", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482626/100/100/threaded" + }, + { + "name": "http://support.citrix.com/article/CTX113814", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX113814" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0320.json b/2007/0xxx/CVE-2007-0320.json index 124d16eaa59..faf22ec842c 100644 --- a/2007/0xxx/CVE-2007-0320.json +++ b/2007/0xxx/CVE-2007-0320.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0320", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) Netscape plug-in (npiftw32.dll) for Macrovision (formerly InstallShield) InstallFromTheWeb allow remote attackers to execute arbitrary code via crafted HTML documents." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2007-0320", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.kb.cert.org/vuls/id/MAPG-6UQUDP", - "refsource" : "MISC", - "url" : "http://www.kb.cert.org/vuls/id/MAPG-6UQUDP" - }, - { - "name" : "VU#181041", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/181041" - }, - { - "name" : "22672", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22672" - }, - { - "name" : "ADV-2007-0705", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0705" - }, - { - "name" : "33530", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33530" - }, - { - "name" : "33531", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33531" - }, - { - "name" : "24285", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24285" - }, - { - "name" : "macrovision-installfromtheweb-activex-bo(32645)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32645" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in (a) an ActiveX control (iftw.dll) and (b) Netscape plug-in (npiftw32.dll) for Macrovision (formerly InstallShield) InstallFromTheWeb allow remote attackers to execute arbitrary code via crafted HTML documents." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22672", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22672" + }, + { + "name": "macrovision-installfromtheweb-activex-bo(32645)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32645" + }, + { + "name": "33530", + "refsource": "OSVDB", + "url": "http://osvdb.org/33530" + }, + { + "name": "24285", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24285" + }, + { + "name": "ADV-2007-0705", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0705" + }, + { + "name": "VU#181041", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/181041" + }, + { + "name": "http://www.kb.cert.org/vuls/id/MAPG-6UQUDP", + "refsource": "MISC", + "url": "http://www.kb.cert.org/vuls/id/MAPG-6UQUDP" + }, + { + "name": "33531", + "refsource": "OSVDB", + "url": "http://osvdb.org/33531" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0670.json b/2007/0xxx/CVE-2007-0670.json index 607151031ca..09f62072288 100644 --- a/2007/0xxx/CVE-2007-0670.json +++ b/2007/0xxx/CVE-2007-0670.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0670", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the \"r-commands\", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0670", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "ftp://aix.software.ibm.com/aix/efixes/security/README", - "refsource" : "CONFIRM", - "url" : "ftp://aix.software.ibm.com/aix/efixes/security/README" - }, - { - "name" : "IY94301", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IY94301" - }, - { - "name" : "IY94368", - "refsource" : "AIXAPAR", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=isg1IY94368" - }, - { - "name" : "22370", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22370" - }, - { - "name" : "22456", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22456" - }, - { - "name" : "ADV-2007-0471", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0471" - }, - { - "name" : "31696", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/31696" - }, - { - "name" : "1017583", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017583" - }, - { - "name" : "1017607", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017607" - }, - { - "name" : "23995", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23995" - }, - { - "name" : "aix-rdist-bo(32184)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32184" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in bos.rte.libc in IBM AIX 5.2 and 5.3 allows local users to execute arbitrary code via the \"r-commands\", possibly including (1) rdist, (2) rsh, (3) rcp, (4) rsync, and (5) rlogin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017583", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017583" + }, + { + "name": "31696", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/31696" + }, + { + "name": "22456", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22456" + }, + { + "name": "23995", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23995" + }, + { + "name": "22370", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22370" + }, + { + "name": "1017607", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017607" + }, + { + "name": "ADV-2007-0471", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0471" + }, + { + "name": "IY94301", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY94301" + }, + { + "name": "aix-rdist-bo(32184)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32184" + }, + { + "name": "ftp://aix.software.ibm.com/aix/efixes/security/README", + "refsource": "CONFIRM", + "url": "ftp://aix.software.ibm.com/aix/efixes/security/README" + }, + { + "name": "IY94368", + "refsource": "AIXAPAR", + "url": "http://www-1.ibm.com/support/docview.wss?uid=isg1IY94368" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0749.json b/2007/0xxx/CVE-2007-0749.json index 18054ab6890..653c4536fe2 100644 --- a/2007/0xxx/CVE-2007-0749.json +++ b/2007/0xxx/CVE-2007-0749.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0749", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0749", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070510 Apple Darwin Streaming Proxy Multiple Vulnerabilities", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=305495", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305495" - }, - { - "name" : "APPLE-SA-2007-05-10", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html" - }, - { - "name" : "23918", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23918" - }, - { - "name" : "ADV-2007-1770", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1770" - }, - { - "name" : "35976", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35976" - }, - { - "name" : "1018047", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018047" - }, - { - "name" : "25193", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25193" - }, - { - "name" : "darwin-iscommand-bo(34222)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34222" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in the is_command function in proxy.c in Apple Darwin Streaming Proxy, when using Darwin Streaming Server before 5.5.5, allow remote attackers to execute arbitrary code via a long (1) cmd or (2) server value in an RTSP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-1770", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1770" + }, + { + "name": "APPLE-SA-2007-05-10", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/May/msg00002.html" + }, + { + "name": "23918", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23918" + }, + { + "name": "20070510 Apple Darwin Streaming Proxy Multiple Vulnerabilities", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=533" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=305495", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305495" + }, + { + "name": "35976", + "refsource": "OSVDB", + "url": "http://osvdb.org/35976" + }, + { + "name": "darwin-iscommand-bo(34222)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34222" + }, + { + "name": "1018047", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018047" + }, + { + "name": "25193", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25193" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0941.json b/2007/0xxx/CVE-2007-0941.json index 1c28e716972..71aa74748ed 100644 --- a/2007/0xxx/CVE-2007-0941.json +++ b/2007/0xxx/CVE-2007-0941.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0941", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-0941", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0960.json b/2007/0xxx/CVE-2007-0960.json index 9f354ffde48..e72ceaa1903 100644 --- a/2007/0xxx/CVE-2007-0960.json +++ b/2007/0xxx/CVE-2007-0960.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0960", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to use the LOCAL authentication method, allows remote authenticated users to gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0960", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml" - }, - { - "name" : "22562", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22562" - }, - { - "name" : "22561", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22561" - }, - { - "name" : "ADV-2007-0608", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0608" - }, - { - "name" : "33063", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33063" - }, - { - "name" : "1017651", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017651" - }, - { - "name" : "1017652", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017652" - }, - { - "name" : "24160", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24160" - }, - { - "name" : "24179", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24179" - }, - { - "name" : "cisco-pix-asa-local-privilege-escalation(32489)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32489" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Cisco PIX 500 and ASA 5500 Series Security Appliances 7.2.2, when configured to use the LOCAL authentication method, allows remote authenticated users to gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0608", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0608" + }, + { + "name": "1017651", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017651" + }, + { + "name": "20070214 Multiple Vulnerabilities in Cisco PIX and ASA Appliances", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml" + }, + { + "name": "24179", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24179" + }, + { + "name": "22561", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22561" + }, + { + "name": "33063", + "refsource": "OSVDB", + "url": "http://osvdb.org/33063" + }, + { + "name": "22562", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22562" + }, + { + "name": "24160", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24160" + }, + { + "name": "1017652", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017652" + }, + { + "name": "cisco-pix-asa-local-privilege-escalation(32489)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32489" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1053.json b/2007/1xxx/CVE-2007-1053.json index 485cbd0fe9c..fb540316492 100644 --- a/2007/1xxx/CVE-2007-1053.json +++ b/2007/1xxx/CVE-2007-1053.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1053", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in phpXmms 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the tcmdp parameter to (1) phpxmmsb.php or (2) phpxmmst.php. NOTE: this issue has been disputed by a reliable third party, stating that the tcmdp variable is initialized by config.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1053", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070220 phpXmms 1.0 (tcmdp) Remote File Include Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460618/100/0/threaded" - }, - { - "name" : "20070220 false: phpXmms 1.0 (tcmdp) Remote File Include Vulnerabilities", - "refsource" : "VIM", - "url" : "http://attrition.org/pipermail/vim/2007-February/001365.html" - }, - { - "name" : "33749", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33749" - }, - { - "name" : "2273", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2273" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in phpXmms 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the tcmdp parameter to (1) phpxmmsb.php or (2) phpxmmst.php. NOTE: this issue has been disputed by a reliable third party, stating that the tcmdp variable is initialized by config.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070220 false: phpXmms 1.0 (tcmdp) Remote File Include Vulnerabilities", + "refsource": "VIM", + "url": "http://attrition.org/pipermail/vim/2007-February/001365.html" + }, + { + "name": "2273", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2273" + }, + { + "name": "20070220 phpXmms 1.0 (tcmdp) Remote File Include Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460618/100/0/threaded" + }, + { + "name": "33749", + "refsource": "OSVDB", + "url": "http://osvdb.org/33749" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1078.json b/2007/1xxx/CVE-2007-1078.json index 3c0ddffee80..d467de8b694 100644 --- a/2007/1xxx/CVE-2007-1078.json +++ b/2007/1xxx/CVE-2007-1078.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1078", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in index.php in FlashGameScript 1.5.4 allows remote attackers to execute arbitrary PHP code via a URL in the func parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1078", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070221 FlashGameScript v1.5.4 Remote File Inclusion Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460951/100/0/threaded" - }, - { - "name" : "3360", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3360" - }, - { - "name" : "22646", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22646" - }, - { - "name" : "ADV-2007-0707", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0707" - }, - { - "name" : "33492", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33492" - }, - { - "name" : "24267", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24267" - }, - { - "name" : "flashgamescript-index-file-include(32635)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32635" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in index.php in FlashGameScript 1.5.4 allows remote attackers to execute arbitrary PHP code via a URL in the func parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0707", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0707" + }, + { + "name": "flashgamescript-index-file-include(32635)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32635" + }, + { + "name": "22646", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22646" + }, + { + "name": "20070221 FlashGameScript v1.5.4 Remote File Inclusion Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460951/100/0/threaded" + }, + { + "name": "24267", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24267" + }, + { + "name": "3360", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3360" + }, + { + "name": "33492", + "refsource": "OSVDB", + "url": "http://osvdb.org/33492" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1472.json b/2007/1xxx/CVE-2007-1472.json index 0409f680586..e1d402e132f 100644 --- a/2007/1xxx/CVE-2007-1472.json +++ b/2007/1xxx/CVE-2007-1472.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1472", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Variable overwrite vulnerability in groupit/base/groupit.start.inc in Groupit 2.00b5 allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via arguments that are written to $_GLOBALS, as demonstrated using a URL in the c_basepath parameter to (1) content.php, (2) userprofile.php, (3) password.php, (4) dispatch.php, and (5) deliver.php in html/, and possibly (6) load.inc.php and related files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1472", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070315 [ECHO_ADV_75$2007] Groupit 2.00b5 (c_basepath) Remote File Inclusion Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462918/100/0/threaded" - }, - { - "name" : "3486", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3486" - }, - { - "name" : "http://advisories.echo.or.id/adv/adv75-theday-2007.txt", - "refsource" : "MISC", - "url" : "http://advisories.echo.or.id/adv/adv75-theday-2007.txt" - }, - { - "name" : "20070315 [ECHO_ADV_75$2007] Groupit 2.00b5 (c_basepath) Remote File Inclusion Vulnerability", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-March/001435.html" - }, - { - "name" : "20070315 [ECHO_ADV_75$2007] Groupit 2.00b5 (c_basepath) Remote File Inclusion Vulnerability", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-March/001436.html" - }, - { - "name" : "ADV-2007-0995", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0995" - }, - { - "name" : "34476", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34476" - }, - { - "name" : "2428", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2428" - }, - { - "name" : "groupit-cbasepath-file-include(33000)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33000" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Variable overwrite vulnerability in groupit/base/groupit.start.inc in Groupit 2.00b5 allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via arguments that are written to $_GLOBALS, as demonstrated using a URL in the c_basepath parameter to (1) content.php, (2) userprofile.php, (3) password.php, (4) dispatch.php, and (5) deliver.php in html/, and possibly (6) load.inc.php and related files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://advisories.echo.or.id/adv/adv75-theday-2007.txt", + "refsource": "MISC", + "url": "http://advisories.echo.or.id/adv/adv75-theday-2007.txt" + }, + { + "name": "ADV-2007-0995", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0995" + }, + { + "name": "3486", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3486" + }, + { + "name": "34476", + "refsource": "OSVDB", + "url": "http://osvdb.org/34476" + }, + { + "name": "20070315 [ECHO_ADV_75$2007] Groupit 2.00b5 (c_basepath) Remote File Inclusion Vulnerability", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-March/001435.html" + }, + { + "name": "2428", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2428" + }, + { + "name": "20070315 [ECHO_ADV_75$2007] Groupit 2.00b5 (c_basepath) Remote File Inclusion Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462918/100/0/threaded" + }, + { + "name": "groupit-cbasepath-file-include(33000)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33000" + }, + { + "name": "20070315 [ECHO_ADV_75$2007] Groupit 2.00b5 (c_basepath) Remote File Inclusion Vulnerability", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-March/001436.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1786.json b/2007/1xxx/CVE-2007-1786.json index 224f1130bb8..e38964676dc 100644 --- a/2007/1xxx/CVE-2007-1786.json +++ b/2007/1xxx/CVE-2007-1786.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1786", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1786", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html" - }, - { - "name" : "23208", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23208" - }, - { - "name" : "ADV-2007-1168", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1168" - }, - { - "name" : "34544", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34544" - }, - { - "name" : "24693", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24693" - }, - { - "name" : "hitachi-collaboration-sql-injection(33348)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Hitachi Collaboration - Online Community Management 01-00 through 01-30, as used in Groupmax Collaboration Portal, Groupmax Collaboration Web Client, uCosminexus Collaboration Portal, Cosminexus Collaboration Portal, and uCosminexus Content Manager, allows remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-008_e/index-e.html" + }, + { + "name": "23208", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23208" + }, + { + "name": "ADV-2007-1168", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1168" + }, + { + "name": "34544", + "refsource": "OSVDB", + "url": "http://osvdb.org/34544" + }, + { + "name": "24693", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24693" + }, + { + "name": "hitachi-collaboration-sql-injection(33348)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33348" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5093.json b/2007/5xxx/CVE-2007-5093.json index 005f72b89e2..b73a5271b2b 100644 --- a/2007/5xxx/CVE-2007-5093.json +++ b/2007/5xxx/CVE-2007-5093.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5093", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 \"relies on user space to close the device,\" which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-5093", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070902 Oops in pwc v4l driver", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=linux-kernel&m=118873457814808&w=2" - }, - { - "name" : "20070903 Re: Oops in pwc v4l driver", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=linux-kernel&m=118880154122548&w=2" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.6", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.6" - }, - { - "name" : "DSA-1381", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1381" - }, - { - "name" : "DSA-1503", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1503" - }, - { - "name" : "DSA-1504", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1504" - }, - { - "name" : "MDVSA-2008:008", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008" - }, - { - "name" : "MDVSA-2008:105", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105" - }, - { - "name" : "RHSA-2008:0275", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0275.html" - }, - { - "name" : "RHSA-2008:0972", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2008-0972.html" - }, - { - "name" : "USN-574-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-574-1" - }, - { - "name" : "USN-558-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-558-1" - }, - { - "name" : "USN-578-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-578-1" - }, - { - "name" : "25504", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25504" - }, - { - "name" : "oval:org.mitre.oval:def:10494", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10494" - }, - { - "name" : "26994", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26994" - }, - { - "name" : "28706", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28706" - }, - { - "name" : "28170", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28170" - }, - { - "name" : "28971", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28971" - }, - { - "name" : "29058", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29058" - }, - { - "name" : "30294", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30294" - }, - { - "name" : "32799", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32799" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 \"relies on user space to close the device,\" which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2008:0275", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0275.html" + }, + { + "name": "30294", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30294" + }, + { + "name": "20070902 Oops in pwc v4l driver", + "refsource": "MLIST", + "url": "http://marc.info/?l=linux-kernel&m=118873457814808&w=2" + }, + { + "name": "20070903 Re: Oops in pwc v4l driver", + "refsource": "MLIST", + "url": "http://marc.info/?l=linux-kernel&m=118880154122548&w=2" + }, + { + "name": "RHSA-2008:0972", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2008-0972.html" + }, + { + "name": "28706", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28706" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.6", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.6" + }, + { + "name": "26994", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26994" + }, + { + "name": "DSA-1504", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1504" + }, + { + "name": "MDVSA-2008:008", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008" + }, + { + "name": "oval:org.mitre.oval:def:10494", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10494" + }, + { + "name": "USN-558-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-558-1" + }, + { + "name": "DSA-1381", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1381" + }, + { + "name": "MDVSA-2008:105", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105" + }, + { + "name": "DSA-1503", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1503" + }, + { + "name": "USN-574-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-574-1" + }, + { + "name": "29058", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29058" + }, + { + "name": "28971", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28971" + }, + { + "name": "25504", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25504" + }, + { + "name": "28170", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28170" + }, + { + "name": "32799", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32799" + }, + { + "name": "USN-578-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-578-1" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5289.json b/2007/5xxx/CVE-2007-5289.json index 5ca4cb41d69..f6cafcf232b 100644 --- a/2007/5xxx/CVE-2007-5289.json +++ b/2007/5xxx/CVE-2007-5289.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5289", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HP Mercury Quality Center (QC) 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement \"workflow\" and decisions about the \"capability\" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture (OTA) API, as demonstrated by modifying (1) common.tds, (2) defects.tds, (3) manrun.tds, (4) req.tds, (5) testlab.tds, or (6) testplan.tds in %tmp%\\TD_80, and then setting the file's properties to read-only." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5289", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090223 HP Quality Center vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/501177/100/0/threaded" - }, - { - "name" : "20090224 Re: HP Quality Center vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/501219/100/0/threaded" - }, - { - "name" : "http://blogs.exposit.co.uk/2009/02/23/vulnerability-in-quality-center/", - "refsource" : "MISC", - "url" : "http://blogs.exposit.co.uk/2009/02/23/vulnerability-in-quality-center/" - }, - { - "name" : "VU#898865", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/898865" - }, - { - "name" : "33854", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/33854" - }, - { - "name" : "34015", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34015" - }, - { - "name" : "34046", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/34046" - }, - { - "name" : "hpqualitycenter-workflowscripts-sec-bypass(48860)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/48860" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HP Mercury Quality Center (QC) 9.2 and earlier, and possibly TestDirector, relies on cached client-side scripts to implement \"workflow\" and decisions about the \"capability\" of a user, which allows remote attackers to execute arbitrary code via crafted use of the Open Test Architecture (OTA) API, as demonstrated by modifying (1) common.tds, (2) defects.tds, (3) manrun.tds, (4) req.tds, (5) testlab.tds, or (6) testplan.tds in %tmp%\\TD_80, and then setting the file's properties to read-only." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34046", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34046" + }, + { + "name": "20090223 HP Quality Center vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/501177/100/0/threaded" + }, + { + "name": "33854", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/33854" + }, + { + "name": "34015", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/34015" + }, + { + "name": "hpqualitycenter-workflowscripts-sec-bypass(48860)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48860" + }, + { + "name": "VU#898865", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/898865" + }, + { + "name": "20090224 Re: HP Quality Center vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/501219/100/0/threaded" + }, + { + "name": "http://blogs.exposit.co.uk/2009/02/23/vulnerability-in-quality-center/", + "refsource": "MISC", + "url": "http://blogs.exposit.co.uk/2009/02/23/vulnerability-in-quality-center/" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5830.json b/2007/5xxx/CVE-2007-5830.json index 668aca2046b..902eb047d64 100644 --- a/2007/5xxx/CVE-2007-5830.json +++ b/2007/5xxx/CVE-2007-5830.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5830", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to \"input validation.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5830", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm" - }, - { - "name" : "26295", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26295" - }, - { - "name" : "38482", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38482" - }, - { - "name" : "27505", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27505" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the administrative interface in Avaya Messaging Storage Server (MSS) 3.1 before SP1, and Message Networking (MN) 3.1, allows remote attackers to cause a denial of service via unspecified vectors related to \"input validation.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-415.htm" + }, + { + "name": "38482", + "refsource": "OSVDB", + "url": "http://osvdb.org/38482" + }, + { + "name": "27505", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27505" + }, + { + "name": "26295", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26295" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5936.json b/2007/5xxx/CVE-2007-5936.json index 33b755ffa69..dfb49b2094a 100644 --- a/2007/5xxx/CVE-2007-5936.json +++ b/2007/5xxx/CVE-2007-5936.json @@ -1,187 +1,187 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5936", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5936", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/487984/100/0/threaded" - }, - { - "name" : "http://bugs.gentoo.org/attachment.cgi?id=135423", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/attachment.cgi?id=135423" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=368611", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=368611" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=198238", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=198238" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1928", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1928" - }, - { - "name" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266", - "refsource" : "CONFIRM", - "url" : "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266" - }, - { - "name" : "FEDORA-2007-3390", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" - }, - { - "name" : "GLSA-200711-26", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200711-26.xml" - }, - { - "name" : "GLSA-200711-34", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200711-34.xml" - }, - { - "name" : "GLSA-200805-13", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200805-13.xml" - }, - { - "name" : "MDKSA-2007:230", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" - }, - { - "name" : "SUSE-SR:2008:001", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html" - }, - { - "name" : "SUSE-SR:2008:011", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html" - }, - { - "name" : "USN-554-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/554-1/" - }, - { - "name" : "26469", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26469" - }, - { - "name" : "42238", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42238" - }, - { - "name" : "ADV-2007-3896", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3896" - }, - { - "name" : "1019058", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019058" - }, - { - "name" : "27672", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27672" - }, - { - "name" : "27686", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27686" - }, - { - "name" : "27743", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27743" - }, - { - "name" : "27967", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27967" - }, - { - "name" : "28107", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28107" - }, - { - "name" : "27718", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27718" - }, - { - "name" : "28412", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28412" - }, - { - "name" : "30168", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30168" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "dvips in teTeX and TeXlive 2007 and earlier allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.gentoo.org/attachment.cgi?id=135423", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/attachment.cgi?id=135423" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1928", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1928" + }, + { + "name": "27672", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27672" + }, + { + "name": "27743", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27743" + }, + { + "name": "SUSE-SR:2008:011", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html" + }, + { + "name": "28412", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28412" + }, + { + "name": "27686", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27686" + }, + { + "name": "USN-554-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/554-1/" + }, + { + "name": "42238", + "refsource": "OSVDB", + "url": "http://osvdb.org/42238" + }, + { + "name": "26469", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26469" + }, + { + "name": "GLSA-200805-13", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200805-13.xml" + }, + { + "name": "GLSA-200711-26", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200711-26.xml" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=198238", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=198238" + }, + { + "name": "30168", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30168" + }, + { + "name": "ADV-2007-3896", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3896" + }, + { + "name": "27718", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27718" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=368611", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=368611" + }, + { + "name": "GLSA-200711-34", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200711-34.xml" + }, + { + "name": "27967", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27967" + }, + { + "name": "FEDORA-2007-3390", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00663.html" + }, + { + "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266", + "refsource": "CONFIRM", + "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2007-0266" + }, + { + "name": "1019058", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019058" + }, + { + "name": "28107", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28107" + }, + { + "name": "MDKSA-2007:230", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:230" + }, + { + "name": "20080212 FLEA-2008-0006-1 tetex tetex-dvips tetex-fonts", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/487984/100/0/threaded" + }, + { + "name": "SUSE-SR:2008:001", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00002.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3802.json b/2015/3xxx/CVE-2015-3802.json index 280dfd1ae73..ec645d7f990 100644 --- a/2015/3xxx/CVE-2015-3802.json +++ b/2015/3xxx/CVE-2015-3802.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3802", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3802", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT205030", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205030" - }, - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-08-13-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" - }, - { - "name" : "76343", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76343" - }, - { - "name" : "1033275", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033275" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apple iOS before 8.4.1 and OS X before 10.10.5 allow local users to bypass a code-signing protection mechanism via a crafted Mach-O file, a different vulnerability than CVE-2015-3805." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/kb/HT205030", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205030" + }, + { + "name": "1033275", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033275" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "APPLE-SA-2015-08-13-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "76343", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76343" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3831.json b/2015/3xxx/CVE-2015-3831.json index 7eca64ef856..d8d1f5aa09f 100644 --- a/2015/3xxx/CVE-2015-3831.json +++ b/2015/3xxx/CVE-2015-3831.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3831", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the readAt function in BpMediaHTTPConnection in media/libmedia/IMediaHTTPConnection.cpp in the mediaserver service in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bug 19400722." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-3831", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[android-security-updates] 20150812 Nexus Security Bulletin (August 2015)", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ" - }, - { - "name" : "https://android.googlesource.com/platform/frameworks/av/+/51504928746edff6c94a1c498cf99c0a83bedaed", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/frameworks/av/+/51504928746edff6c94a1c498cf99c0a83bedaed" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the readAt function in BpMediaHTTPConnection in media/libmedia/IMediaHTTPConnection.cpp in the mediaserver service in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bug 19400722." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[android-security-updates] 20150812 Nexus Security Bulletin (August 2015)", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ" + }, + { + "name": "https://android.googlesource.com/platform/frameworks/av/+/51504928746edff6c94a1c498cf99c0a83bedaed", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/frameworks/av/+/51504928746edff6c94a1c498cf99c0a83bedaed" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6053.json b/2015/6xxx/CVE-2015-6053.json index 60a9ba6e24d..3117d555957 100644 --- a/2015/6xxx/CVE-2015-6053.json +++ b/2015/6xxx/CVE-2015-6053.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6053", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via crafted parameters in an ArrayBuffer.slice call, aka \"Internet Explorer Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6053", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-518", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-518" - }, - { - "name" : "MS15-106", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106" - }, - { - "name" : "1033800", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033800" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via crafted parameters in an ArrayBuffer.slice call, aka \"Internet Explorer Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033800", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033800" + }, + { + "name": "MS15-106", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-518", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-518" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7331.json b/2015/7xxx/CVE-2015-7331.json index a1ff94fba2d..6b9a116f107 100644 --- a/2015/7xxx/CVE-2015-7331.json +++ b/2015/7xxx/CVE-2015-7331.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7331", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mcollective-puppet-agent plugin before 1.11.1 for Puppet allows remote attackers to execute arbitrary code via vectors involving the --server argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7331", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://puppet.com/security/cve/cve-2015-7331", - "refsource" : "CONFIRM", - "url" : "https://puppet.com/security/cve/cve-2015-7331" - }, - { - "name" : "92432", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92432" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mcollective-puppet-agent plugin before 1.11.1 for Puppet allows remote attackers to execute arbitrary code via vectors involving the --server argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://puppet.com/security/cve/cve-2015-7331", + "refsource": "CONFIRM", + "url": "https://puppet.com/security/cve/cve-2015-7331" + }, + { + "name": "92432", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92432" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7787.json b/2015/7xxx/CVE-2015-7787.json index fff902a1572..53094fc8d1f 100644 --- a/2015/7xxx/CVE-2015-7787.json +++ b/2015/7xxx/CVE-2015-7787.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7787", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-7787", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.asus.com/jp/News/FX04LE8HN0qBoqFI", - "refsource" : "CONFIRM", - "url" : "http://www.asus.com/jp/News/FX04LE8HN0qBoqFI" - }, - { - "name" : "JVN#69462495", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN69462495/index.html" - }, - { - "name" : "JVNDB-2015-000192", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#69462495", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN69462495/index.html" + }, + { + "name": "JVNDB-2015-000192", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000192" + }, + { + "name": "http://www.asus.com/jp/News/FX04LE8HN0qBoqFI", + "refsource": "CONFIRM", + "url": "http://www.asus.com/jp/News/FX04LE8HN0qBoqFI" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7906.json b/2015/7xxx/CVE-2015-7906.json index 82acd646072..1fc6abf8f8d 100644 --- a/2015/7xxx/CVE-2015-7906.json +++ b/2015/7xxx/CVE-2015-7906.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7906", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices allow remote attackers to read a password-hash backup file via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-7906", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-342-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-342-02" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices allow remote attackers to read a password-hash backup file via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-342-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-342-02" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8006.json b/2015/8xxx/CVE-2015-8006.json index 499f133e002..e7cda235aeb 100644 --- a/2015/8xxx/CVE-2015-8006.json +++ b/2015/8xxx/CVE-2015-8006.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8006", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the PageTriage toolbar in the PageTriage extension for MediWiki allows remote attackers to inject arbitrary web script or HTML via the page title." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8006", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[MediaWiki-announce] 20151016 Extension Security Release: OAuth, Echo, PageTriage", - "refsource" : "MLIST", - "url" : "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000182.html" - }, - { - "name" : "https://phabricator.wikimedia.org/T111029", - "refsource" : "CONFIRM", - "url" : "https://phabricator.wikimedia.org/T111029" - }, - { - "name" : "1034028", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034028" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the PageTriage toolbar in the PageTriage extension for MediWiki allows remote attackers to inject arbitrary web script or HTML via the page title." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://phabricator.wikimedia.org/T111029", + "refsource": "CONFIRM", + "url": "https://phabricator.wikimedia.org/T111029" + }, + { + "name": "1034028", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034028" + }, + { + "name": "[MediaWiki-announce] 20151016 Extension Security Release: OAuth, Echo, PageTriage", + "refsource": "MLIST", + "url": "https://lists.wikimedia.org/pipermail/mediawiki-announce/2015-October/000182.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8235.json b/2015/8xxx/CVE-2015-8235.json index 1c267cbb595..80a9c4389fb 100644 --- a/2015/8xxx/CVE-2015-8235.json +++ b/2015/8xxx/CVE-2015-8235.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8235", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Spiffy before 5.4." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8235", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[chicken-announce] 20151111 Spiffy path traversal vulnerability", - "refsource" : "MLIST", - "url" : "https://lists.gnu.org/archive/html/chicken-announce/2015-11/msg00000.html" - }, - { - "name" : "[oss-security] 20151118 Re: CVE request for path traversal / info leak bug in Spiffy web server", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/18/25" - }, - { - "name" : "http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=edd4926bb4f4c97760a0e03b0d0e8210398fe967", - "refsource" : "CONFIRM", - "url" : "http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=edd4926bb4f4c97760a0e03b0d0e8210398fe967" - }, - { - "name" : "77644", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77644" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Spiffy before 5.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "77644", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77644" + }, + { + "name": "[oss-security] 20151118 Re: CVE request for path traversal / info leak bug in Spiffy web server", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/18/25" + }, + { + "name": "[chicken-announce] 20151111 Spiffy path traversal vulnerability", + "refsource": "MLIST", + "url": "https://lists.gnu.org/archive/html/chicken-announce/2015-11/msg00000.html" + }, + { + "name": "http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=edd4926bb4f4c97760a0e03b0d0e8210398fe967", + "refsource": "CONFIRM", + "url": "http://code.call-cc.org/cgi-bin/gitweb.cgi?p=chicken-core.git;a=commit;h=edd4926bb4f4c97760a0e03b0d0e8210398fe967" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8477.json b/2015/8xxx/CVE-2015-8477.json index 4301e87f964..3f77e590f3e 100644 --- a/2015/8xxx/CVE-2015-8477.json +++ b/2015/8xxx/CVE-2015-8477.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8477", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8477", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151205 Re: CVE request: Redmine: cross-site scripting vulnerability fixed in 3.0.0 and 2.6.2", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/12/05/7" - }, - { - "name" : "[oss-security] 20151205 Re: CVE request: Redmine: cross-site scripting vulnerability fixed in 3.0.0 and 2.6.2", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/12/05/8" - }, - { - "name" : "http://www.redmine.org/projects/redmine/wiki/Security_Advisories", - "refsource" : "CONFIRM", - "url" : "http://www.redmine.org/projects/redmine/wiki/Security_Advisories" - }, - { - "name" : "https://www.redmine.org/issues/19117", - "refsource" : "CONFIRM", - "url" : "https://www.redmine.org/issues/19117" - }, - { - "name" : "https://www.redmine.org/projects/redmine/repository/entry/tags/2.6.2/doc/CHANGELOG", - "refsource" : "CONFIRM", - "url" : "https://www.redmine.org/projects/redmine/repository/entry/tags/2.6.2/doc/CHANGELOG" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.redmine.org/projects/redmine/repository/entry/tags/2.6.2/doc/CHANGELOG", + "refsource": "CONFIRM", + "url": "https://www.redmine.org/projects/redmine/repository/entry/tags/2.6.2/doc/CHANGELOG" + }, + { + "name": "[oss-security] 20151205 Re: CVE request: Redmine: cross-site scripting vulnerability fixed in 3.0.0 and 2.6.2", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/12/05/8" + }, + { + "name": "[oss-security] 20151205 Re: CVE request: Redmine: cross-site scripting vulnerability fixed in 3.0.0 and 2.6.2", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/12/05/7" + }, + { + "name": "http://www.redmine.org/projects/redmine/wiki/Security_Advisories", + "refsource": "CONFIRM", + "url": "http://www.redmine.org/projects/redmine/wiki/Security_Advisories" + }, + { + "name": "https://www.redmine.org/issues/19117", + "refsource": "CONFIRM", + "url": "https://www.redmine.org/issues/19117" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8481.json b/2015/8xxx/CVE-2015-8481.json index 347368a143f..100f4ca5b11 100644 --- a/2015/8xxx/CVE-2015-8481.json +++ b/2015/8xxx/CVE-2015-8481.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8481", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA Service Desk 3.0.3 installer attaches the wrong image to e-mail notifications when a user views an issue with inline wiki markup referencing an image attachment, which might allow remote attackers to obtain sensitive information by updating a different issue that includes wiki markup for an external image reference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8481", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://confluence.atlassian.com/jira/jira-security-advisory-2015-12-09-792307790.html", - "refsource" : "CONFIRM", - "url" : "https://confluence.atlassian.com/jira/jira-security-advisory-2015-12-09-792307790.html" - }, - { - "name" : "https://jira.atlassian.com/browse/JRA-47557", - "refsource" : "CONFIRM", - "url" : "https://jira.atlassian.com/browse/JRA-47557" - }, - { - "name" : "79381", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79381" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA Service Desk 3.0.3 installer attaches the wrong image to e-mail notifications when a user views an issue with inline wiki markup referencing an image attachment, which might allow remote attackers to obtain sensitive information by updating a different issue that includes wiki markup for an external image reference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "79381", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79381" + }, + { + "name": "https://jira.atlassian.com/browse/JRA-47557", + "refsource": "CONFIRM", + "url": "https://jira.atlassian.com/browse/JRA-47557" + }, + { + "name": "https://confluence.atlassian.com/jira/jira-security-advisory-2015-12-09-792307790.html", + "refsource": "CONFIRM", + "url": "https://confluence.atlassian.com/jira/jira-security-advisory-2015-12-09-792307790.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8658.json b/2015/8xxx/CVE-2015-8658.json index 87727f102f9..7889e86af82 100644 --- a/2015/8xxx/CVE-2015-8658.json +++ b/2015/8xxx/CVE-2015-8658.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8658", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8820." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8658", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-662", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-662" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" - }, - { - "name" : "84160", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84160" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via crafted MPEG-4 data, a different vulnerability than CVE-2015-8045, CVE-2015-8047, CVE-2015-8060, CVE-2015-8408, CVE-2015-8416, CVE-2015-8417, CVE-2015-8418, CVE-2015-8419, CVE-2015-8443, CVE-2015-8444, CVE-2015-8451, CVE-2015-8455, CVE-2015-8652, CVE-2015-8654, CVE-2015-8656, CVE-2015-8657, and CVE-2015-8820." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-662", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-662" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" + }, + { + "name": "84160", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84160" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8684.json b/2015/8xxx/CVE-2015-8684.json index ec6294677bd..8beed3ca829 100644 --- a/2015/8xxx/CVE-2015-8684.json +++ b/2015/8xxx/CVE-2015-8684.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8684", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Exponent CMS before 2.3.7 does not properly restrict the types of files that can be uploaded, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly have other unspecified impact as demonstrated by uploading a file with an .html extension, then accessing it via the elFinder functionality." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8684", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://packetstormsecurity.com/files/136762/Exponent-CMS-2.3.5-File-Upload-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/136762/Exponent-CMS-2.3.5-File-Upload-Cross-Site-Scripting.html" - }, - { - "name" : "https://exponentcms.lighthouseapp.com/projects/61783/tickets/1323-exponent-cms-235-file-upload-cross-site-scripting-vulnerability", - "refsource" : "CONFIRM", - "url" : "https://exponentcms.lighthouseapp.com/projects/61783/tickets/1323-exponent-cms-235-file-upload-cross-site-scripting-vulnerability" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Exponent CMS before 2.3.7 does not properly restrict the types of files that can be uploaded, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly have other unspecified impact as demonstrated by uploading a file with an .html extension, then accessing it via the elFinder functionality." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://packetstormsecurity.com/files/136762/Exponent-CMS-2.3.5-File-Upload-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/136762/Exponent-CMS-2.3.5-File-Upload-Cross-Site-Scripting.html" + }, + { + "name": "https://exponentcms.lighthouseapp.com/projects/61783/tickets/1323-exponent-cms-235-file-upload-cross-site-scripting-vulnerability", + "refsource": "CONFIRM", + "url": "https://exponentcms.lighthouseapp.com/projects/61783/tickets/1323-exponent-cms-235-file-upload-cross-site-scripting-vulnerability" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0589.json b/2016/0xxx/CVE-2016-0589.json index d1eac9e6ac9..6c19b21aa27 100644 --- a/2016/0xxx/CVE-2016-0589.json +++ b/2016/0xxx/CVE-2016-0589.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0589", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0589", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0750.json b/2016/0xxx/CVE-2016-0750.json index 61bfe31b008..70bb819d730 100644 --- a/2016/0xxx/CVE-2016-0750.json +++ b/2016/0xxx/CVE-2016-0750.json @@ -1,103 +1,103 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "anemec@redhat.com", - "ID" : "CVE-2016-0750", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Infinispan", - "version" : { - "version_data" : [ - { - "version_value" : "9.1.0.Final" - } - ] - } - } - ] - }, - "vendor_name" : "Red Hat" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code execution or conduct other attacks." - } - ] - }, - "impact" : { - "cvss" : [ - [ - { - "vectorString" : "4.2/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", - "version" : "3.0" - } - ], - [ - { - "vectorString" : "3.6/AV:N/AC:H/Au:S/C:P/I:P/A:N", - "version" : "2.0" - } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-138" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0750", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Infinispan", + "version": { + "version_data": [ + { + "version_value": "9.1.0.Final" + } + ] + } + } + ] + }, + "vendor_name": "Red Hat" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0750", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0750" - }, - { - "name" : "https://github.com/infinispan/infinispan/pull/5116", - "refsource" : "CONFIRM", - "url" : "https://github.com/infinispan/infinispan/pull/5116" - }, - { - "name" : "https://issues.jboss.org/browse/ISPN-7781", - "refsource" : "CONFIRM", - "url" : "https://issues.jboss.org/browse/ISPN-7781" - }, - { - "name" : "RHSA-2017:3244", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:3244" - }, - { - "name" : "RHSA-2018:0501", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:0501" - }, - { - "name" : "101910", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101910" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The hotrod java client in infinispan before 9.1.0.Final automatically deserializes bytearray message contents in certain events. A malicious user could exploit this flaw by injecting a specially-crafted serialized object to attain remote code execution or conduct other attacks." + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "4.2/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", + "version": "3.0" + } + ], + [ + { + "vectorString": "3.6/AV:N/AC:H/Au:S/C:P/I:P/A:N", + "version": "2.0" + } + ] + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-138" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://issues.jboss.org/browse/ISPN-7781", + "refsource": "CONFIRM", + "url": "https://issues.jboss.org/browse/ISPN-7781" + }, + { + "name": "101910", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101910" + }, + { + "name": "https://github.com/infinispan/infinispan/pull/5116", + "refsource": "CONFIRM", + "url": "https://github.com/infinispan/infinispan/pull/5116" + }, + { + "name": "RHSA-2018:0501", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:0501" + }, + { + "name": "RHSA-2017:3244", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:3244" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0750", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0750" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0901.json b/2016/0xxx/CVE-2016-0901.json index 38d29e6994d..6f5f5b2ed4c 100644 --- a/2016/0xxx/CVE-2016-0901.json +++ b/2016/0xxx/CVE-2016-0901.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security_alert@emc.com", - "ID" : "CVE-2016-0901", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-0900." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2016-0901", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160504 ESA-2016-051: Patch 14 for RSA Authentication Manager 8.1 SP1 to Address Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/bugtraq/2016/May/23" - }, - { - "name" : "http://packetstormsecurity.com/files/136994/RSA-Authentication-Manager-XSS-HTTP-Response-Splitting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/136994/RSA-Authentication-Manager-XSS-HTTP-Response-Splitting.html" - }, - { - "name" : "1035755", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035755" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-0900." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/136994/RSA-Authentication-Manager-XSS-HTTP-Response-Splitting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/136994/RSA-Authentication-Manager-XSS-HTTP-Response-Splitting.html" + }, + { + "name": "20160504 ESA-2016-051: Patch 14 for RSA Authentication Manager 8.1 SP1 to Address Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/bugtraq/2016/May/23" + }, + { + "name": "1035755", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035755" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0961.json b/2016/0xxx/CVE-2016-0961.json index 69ae12f3af6..7877ae4b8a7 100644 --- a/2016/0xxx/CVE-2016-0961.json +++ b/2016/0xxx/CVE-2016-0961.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0961", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0961", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" - }, - { - "name" : "GLSA-201603-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-07" - }, - { - "name" : "SUSE-SU-2016:0715", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" - }, - { - "name" : "SUSE-SU-2016:0716", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" - }, - { - "name" : "openSUSE-SU-2016:0719", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" - }, - { - "name" : "openSUSE-SU-2016:0734", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" - }, - { - "name" : "84311", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84311" - }, - { - "name" : "1035251", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035251" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0960, CVE-2016-0962, CVE-2016-0986, CVE-2016-0989, CVE-2016-0992, CVE-2016-1002, and CVE-2016-1005." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0734", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00032.html" + }, + { + "name": "1035251", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035251" + }, + { + "name": "openSUSE-SU-2016:0719", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00024.html" + }, + { + "name": "84311", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84311" + }, + { + "name": "GLSA-201603-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-07" + }, + { + "name": "SUSE-SU-2016:0715", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00022.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-08.html" + }, + { + "name": "SUSE-SU-2016:0716", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00023.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1082.json b/2016/1xxx/CVE-2016-1082.json index 465f38fa22a..991f44088e0 100644 --- a/2016/1xxx/CVE-2016-1082.json +++ b/2016/1xxx/CVE-2016-1082.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1082", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1082", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" - }, - { - "name" : "1035828", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1037, CVE-2016-1063, CVE-2016-1064, CVE-2016-1071, CVE-2016-1072, CVE-2016-1073, CVE-2016-1074, CVE-2016-1076, CVE-2016-1077, CVE-2016-1078, CVE-2016-1080, CVE-2016-1081, CVE-2016-1083, CVE-2016-1084, CVE-2016-1085, CVE-2016-1086, CVE-2016-1088, CVE-2016-1093, CVE-2016-1095, CVE-2016-1116, CVE-2016-1118, CVE-2016-1119, CVE-2016-1120, CVE-2016-1123, CVE-2016-1124, CVE-2016-1125, CVE-2016-1126, CVE-2016-1127, CVE-2016-1128, CVE-2016-1129, CVE-2016-1130, CVE-2016-4088, CVE-2016-4089, CVE-2016-4090, CVE-2016-4093, CVE-2016-4094, CVE-2016-4096, CVE-2016-4097, CVE-2016-4098, CVE-2016-4099, CVE-2016-4100, CVE-2016-4101, CVE-2016-4103, CVE-2016-4104, and CVE-2016-4105." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035828", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035828" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-14.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1397.json b/2016/1xxx/CVE-2016-1397.json index f94aa529fef..e906ceaae4e 100644 --- a/2016/1xxx/CVE-2016-1397.json +++ b/2016/1xxx/CVE-2016-1397.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted configuration commands in an HTTP request, aka Bug ID CSCux82523." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160615 Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv2" - }, - { - "name" : "1036115", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036115" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the web-based management interface on Cisco RV110W devices with firmware before 1.2.1.7, RV130W devices with firmware before 1.0.3.16, and RV215W devices with firmware before 1.3.0.8 allows remote authenticated users to cause a denial of service (device reload) via crafted configuration commands in an HTTP request, aka Bug ID CSCux82523." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160615 Cisco RV110W, RV130W, and RV215W Routers HTTP Request Buffer Overflow Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv2" + }, + { + "name": "1036115", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036115" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1547.json b/2016/1xxx/CVE-2016-1547.json index d702959ac23..4849bb895c4 100644 --- a/2016/1xxx/CVE-2016-1547.json +++ b/2016/1xxx/CVE-2016-1547.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-1547", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-1547", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NTP", + "version": { + "version_data": [ + { + "version_value": "4.2.8p3" + }, + { + "version_value": "4.2.8p4" + } + ] + } + } + ] + }, + "vendor_name": "NTP Project" + }, + { + "product": { + "product_data": [ + { + "product_name": "NTPSec", + "version": { + "version_data": [ + { + "version_value": "a5fb34b9cc89b92a8fef2f459004865c93bb7f92" + } + ] + } + } + ] + }, + "vendor_name": "NTPsec Project" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "NTP", - "version" : { - "version_data" : [ - { - "version_value" : "4.2.8p3" - }, - { - "version_value" : "4.2.8p4" - } - ] - } - } - ] - }, - "vendor_name" : "NTP Project" + "lang": "eng", + "value": "An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "unspecified" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "88276", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/88276" }, { - "product" : { - "product_data" : [ - { - "product_name" : "NTPSec", - "version" : { - "version_data" : [ - { - "version_value" : "a5fb34b9cc89b92a8fef2f459004865c93bb7f92" - } - ] - } - } - ] - }, - "vendor_name" : "NTPsec Project" + "name": "DSA-3629", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3629" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "RHSA-2016:1141", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1141" + }, + { + "name": "RHSA-2016:1552", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" + }, + { + "name": "1035705", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035705" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20171004-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" + }, + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0081/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0081/" + }, + { + "name": "FreeBSD-SA-16:16", + "refsource": "FREEBSD", + "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc" + }, + { + "name": "GLSA-201607-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-15" } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "unspecified" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0081/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0081/" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20171004-0002/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20171004-0002/" - }, - { - "name" : "DSA-3629", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3629" - }, - { - "name" : "FreeBSD-SA-16:16", - "refsource" : "FREEBSD", - "url" : "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc" - }, - { - "name" : "GLSA-201607-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-15" - }, - { - "name" : "RHSA-2016:1141", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1141" - }, - { - "name" : "RHSA-2016:1552", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1552.html" - }, - { - "name" : "88276", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/88276" - }, - { - "name" : "1035705", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035705" - } - ] - } -} + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5348.json b/2016/5xxx/CVE-2016-5348.json index e7bcd2f9ad0..ec705f8b211 100644 --- a/2016/5xxx/CVE-2016-5348.json +++ b/2016/5xxx/CVE-2016-5348.json @@ -1,93 +1,93 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-5348", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The GPS component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows man-in-the-middle attackers to cause a denial of service (memory consumption, and device hang or reboot) via a large xtra.bin or xtra2.bin file on a spoofed Qualcomm gpsonextra.net or izatcloud.net host, aka internal bug 29555864." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-5348", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40502", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40502/" - }, - { - "name" : "https://wwws.nightwatchcybersecurity.com/2016/10/04/advisory-cve-2016-5348-2/", - "refsource" : "MISC", - "url" : "https://wwws.nightwatchcybersecurity.com/2016/10/04/advisory-cve-2016-5348-2/" - }, - { - "name" : "http://source.android.com/security/bulletin/2016-10-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-10-01.html" - }, - { - "name" : "https://android.googlesource.com/platform/frameworks/base/+/218b813d5bc2d7d3952ea1861c38b4aa944ac59b", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/frameworks/base/+/218b813d5bc2d7d3952ea1861c38b4aa944ac59b" - }, - { - "name" : "https://code.google.com/p/android/issues/detail?id=213747", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/android/issues/detail?id=213747" - }, - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "93293", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93293" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The GPS component in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 allows man-in-the-middle attackers to cause a denial of service (memory consumption, and device hang or reboot) via a large xtra.bin or xtra2.bin file on a spoofed Qualcomm gpsonextra.net or izatcloud.net host, aka internal bug 29555864." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93293", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93293" + }, + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "http://source.android.com/security/bulletin/2016-10-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-10-01.html" + }, + { + "name": "https://code.google.com/p/android/issues/detail?id=213747", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/android/issues/detail?id=213747" + }, + { + "name": "https://wwws.nightwatchcybersecurity.com/2016/10/04/advisory-cve-2016-5348-2/", + "refsource": "MISC", + "url": "https://wwws.nightwatchcybersecurity.com/2016/10/04/advisory-cve-2016-5348-2/" + }, + { + "name": "40502", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40502/" + }, + { + "name": "https://android.googlesource.com/platform/frameworks/base/+/218b813d5bc2d7d3952ea1861c38b4aa944ac59b", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/frameworks/base/+/218b813d5bc2d7d3952ea1861c38b4aa944ac59b" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5354.json b/2016/5xxx/CVE-2016-5354.json index 63c30e30000..82650de3db5 100644 --- a/2016/5xxx/CVE-2016-5354.json +++ b/2016/5xxx/CVE-2016-5354.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5354", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5354", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160609 Re: CVE Request: wireshark releases", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/09/3" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12356", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12356" - }, - { - "name" : "https://github.com/wireshark/wireshark/commit/2cb5985bf47bdc8bea78d28483ed224abdd33dc6", - "refsource" : "CONFIRM", - "url" : "https://github.com/wireshark/wireshark/commit/2cb5985bf47bdc8bea78d28483ed224abdd33dc6" - }, - { - "name" : "https://www.wireshark.org/security/wnpa-sec-2016-33.html", - "refsource" : "CONFIRM", - "url" : "https://www.wireshark.org/security/wnpa-sec-2016-33.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" - }, - { - "name" : "DSA-3615", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3615" - }, - { - "name" : "91140", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91140" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12356", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12356" + }, + { + "name": "https://www.wireshark.org/security/wnpa-sec-2016-33.html", + "refsource": "CONFIRM", + "url": "https://www.wireshark.org/security/wnpa-sec-2016-33.html" + }, + { + "name": "[oss-security] 20160609 Re: CVE Request: wireshark releases", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/09/3" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" + }, + { + "name": "https://github.com/wireshark/wireshark/commit/2cb5985bf47bdc8bea78d28483ed224abdd33dc6", + "refsource": "CONFIRM", + "url": "https://github.com/wireshark/wireshark/commit/2cb5985bf47bdc8bea78d28483ed224abdd33dc6" + }, + { + "name": "DSA-3615", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3615" + }, + { + "name": "91140", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91140" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5447.json b/2016/5xxx/CVE-2016-5447.json index cafb2b0845c..690d70e600d 100644 --- a/2016/5xxx/CVE-2016-5447.json +++ b/2016/5xxx/CVE-2016-5447.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5447", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5447", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91982", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91982" - }, - { - "name" : "1036408", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036408" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91982", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91982" + }, + { + "name": "1036408", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036408" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5537.json b/2016/5xxx/CVE-2016-5537.json index 64b45e0c39e..3ff8ff98787 100644 --- a/2016/5xxx/CVE-2016-5537.json +++ b/2016/5xxx/CVE-2016-5537.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5537", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the NetBeans component in Oracle Fusion Middleware 8.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the October 2016 CPU. Oracle has not commented on third-party claims that this issue is a directory traversal vulnerability which allows local users with certain permissions to write to arbitrary files and consequently gain privileges via a .. (dot dot) in a archive entry in a ZIP file imported as a project." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5537", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20161021 Oracle Netbeans IDE v8.1 Import Directory Traversal", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/539615/100/0/threaded" - }, - { - "name" : "40588", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40588/" - }, - { - "name" : "http://hyp3rlinx.altervista.org/advisories/ORACLE-NETBEANS-IDE-DIRECTORY-TRAVERSAL.txt", - "refsource" : "MISC", - "url" : "http://hyp3rlinx.altervista.org/advisories/ORACLE-NETBEANS-IDE-DIRECTORY-TRAVERSAL.txt" - }, - { - "name" : "http://packetstormsecurity.com/files/139259/Oracle-Netbeans-IDE-8.1-Directory-Traversal.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/139259/Oracle-Netbeans-IDE-8.1-Directory-Traversal.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93686", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93686" - }, - { - "name" : "1037051", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037051" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the NetBeans component in Oracle Fusion Middleware 8.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the October 2016 CPU. Oracle has not commented on third-party claims that this issue is a directory traversal vulnerability which allows local users with certain permissions to write to arbitrary files and consequently gain privileges via a .. (dot dot) in a archive entry in a ZIP file imported as a project." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "40588", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40588/" + }, + { + "name": "20161021 Oracle Netbeans IDE v8.1 Import Directory Traversal", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/539615/100/0/threaded" + }, + { + "name": "93686", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93686" + }, + { + "name": "http://hyp3rlinx.altervista.org/advisories/ORACLE-NETBEANS-IDE-DIRECTORY-TRAVERSAL.txt", + "refsource": "MISC", + "url": "http://hyp3rlinx.altervista.org/advisories/ORACLE-NETBEANS-IDE-DIRECTORY-TRAVERSAL.txt" + }, + { + "name": "1037051", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037051" + }, + { + "name": "http://packetstormsecurity.com/files/139259/Oracle-Netbeans-IDE-8.1-Directory-Traversal.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/139259/Oracle-Netbeans-IDE-8.1-Directory-Traversal.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0091.json b/2019/0xxx/CVE-2019-0091.json index 1fdba9e7816..b66e64430ab 100644 --- a/2019/0xxx/CVE-2019-0091.json +++ b/2019/0xxx/CVE-2019-0091.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0091", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0091", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0521.json b/2019/0xxx/CVE-2019-0521.json index 2fb50a8d649..af49889a688 100644 --- a/2019/0xxx/CVE-2019-0521.json +++ b/2019/0xxx/CVE-2019-0521.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0521", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0521", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0656.json b/2019/0xxx/CVE-2019-0656.json index 97b9f4c9d24..0827dad994c 100644 --- a/2019/0xxx/CVE-2019-0656.json +++ b/2019/0xxx/CVE-2019-0656.json @@ -1,149 +1,149 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0656", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Windows", - "version" : { - "version_data" : [ - { - "version_value" : "8.1 for 32-bit systems" - }, - { - "version_value" : "8.1 for x64-based systems" - }, - { - "version_value" : "RT 8.1" - }, - { - "version_value" : "10 for 32-bit Systems" - }, - { - "version_value" : "10 for x64-based Systems" - }, - { - "version_value" : "10 Version 1607 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1607 for x64-based Systems" - }, - { - "version_value" : "10 Version 1703 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1703 for x64-based Systems" - }, - { - "version_value" : "10 Version 1709 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1709 for x64-based Systems" - }, - { - "version_value" : "10 Version 1803 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1803 for x64-based Systems" - }, - { - "version_value" : "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value" : "10 Version 1809 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1809 for x64-based Systems" - }, - { - "version_value" : "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value" : "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name" : "Windows Server", - "version" : { - "version_data" : [ - { - "version_value" : "2012 R2" - }, - { - "version_value" : "2012 R2 (Core installation)" - }, - { - "version_value" : "2016" - }, - { - "version_value" : "2016 (Core installation)" - }, - { - "version_value" : "version 1709 (Core Installation)" - }, - { - "version_value" : "version 1803 (Core Installation)" - }, - { - "version_value" : "2019" - }, - { - "version_value" : "2019 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of Privilege" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0656", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "8.1 for 32-bit systems" + }, + { + "version_value": "8.1 for x64-based systems" + }, + { + "version_value": "RT 8.1" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + }, + { + "version_value": "10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "10 Version 1703 for x64-based Systems" + }, + { + "version_value": "10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "10 Version 1709 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "10 Version 1803 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2012 R2" + }, + { + "version_value": "2012 R2 (Core installation)" + }, + { + "version_value": "2016" + }, + { + "version_value": "2016 (Core installation)" + }, + { + "version_value": "version 1709 (Core Installation)" + }, + { + "version_value": "version 1803 (Core Installation)" + }, + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0656", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0656" - }, - { - "name" : "106898", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106898" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0656", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0656" + }, + { + "name": "106898", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106898" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1243.json b/2019/1xxx/CVE-2019-1243.json index 7e1187d4bb9..96b0583f6d6 100644 --- a/2019/1xxx/CVE-2019-1243.json +++ b/2019/1xxx/CVE-2019-1243.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1243", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1243", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1353.json b/2019/1xxx/CVE-2019-1353.json index e20eb68efdb..b6ff951cef2 100644 --- a/2019/1xxx/CVE-2019-1353.json +++ b/2019/1xxx/CVE-2019-1353.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1353", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1353", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1565.json b/2019/1xxx/CVE-2019-1565.json index 84de641282f..5999f7f4208 100644 --- a/2019/1xxx/CVE-2019-1565.json +++ b/2019/1xxx/CVE-2019-1565.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@paloaltonetworks.com", - "DATE_PUBLIC" : "2019-01-23T00:00:00", - "ID" : "CVE-2019-1565", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Palo Alto Networks PAN-OS", - "version" : { - "version_data" : [ - { - "version_value" : "PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier." - } - ] - } - } - ] - }, - "vendor_name" : "Palo Alto Networks" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an attacker that is authenticated in Next Generation Firewall with write privileges to External Dynamic List configuration to inject arbitrary JavaScript or HTML." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting (XSS)" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@paloaltonetworks.com", + "DATE_PUBLIC": "2019-01-23T00:00:00", + "ID": "CVE-2019-1565", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Palo Alto Networks PAN-OS", + "version": { + "version_data": [ + { + "version_value": "PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier." + } + ] + } + } + ] + }, + "vendor_name": "Palo Alto Networks" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://securityadvisories.paloaltonetworks.com/Home/Detail/139", - "refsource" : "CONFIRM", - "url" : "https://securityadvisories.paloaltonetworks.com/Home/Detail/139" - }, - { - "name" : "106752", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106752" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an attacker that is authenticated in Next Generation Firewall with write privileges to External Dynamic List configuration to inject arbitrary JavaScript or HTML." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://securityadvisories.paloaltonetworks.com/Home/Detail/139", + "refsource": "CONFIRM", + "url": "https://securityadvisories.paloaltonetworks.com/Home/Detail/139" + }, + { + "name": "106752", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106752" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1859.json b/2019/1xxx/CVE-2019-1859.json index 75ad345f065..8a750be9e55 100644 --- a/2019/1xxx/CVE-2019-1859.json +++ b/2019/1xxx/CVE-2019-1859.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1859", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1859", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1995.json b/2019/1xxx/CVE-2019-1995.json index 7a4d21073e6..b8665fdfc4f 100644 --- a/2019/1xxx/CVE-2019-1995.json +++ b/2019/1xxx/CVE-2019-1995.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "DATE_PUBLIC" : "2019-02-04T00:00:00", - "ID" : "CVE-2019-1995", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" - } - ] - } - } - ] - }, - "vendor_name" : "Android" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In ComposeActivityEmail of ComposeActivityEmail.java, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure, sending files accessible to AOSP Mail to a remote email recipient, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-32589229." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "DATE_PUBLIC": "2019-02-04T00:00:00", + "ID": "CVE-2019-1995", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9" + } + ] + } + } + ] + }, + "vendor_name": "Android" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2019-02-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2019-02-01" - }, - { - "name" : "106946", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106946" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In ComposeActivityEmail of ComposeActivityEmail.java, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure, sending files accessible to AOSP Mail to a remote email recipient, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-32589229." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2019-02-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2019-02-01" + }, + { + "name": "106946", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106946" + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4323.json b/2019/4xxx/CVE-2019-4323.json index e421694fa1e..0141fbb6e20 100644 --- a/2019/4xxx/CVE-2019-4323.json +++ b/2019/4xxx/CVE-2019-4323.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4323", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4323", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4604.json b/2019/4xxx/CVE-2019-4604.json index b941a6d863a..15e00225b24 100644 --- a/2019/4xxx/CVE-2019-4604.json +++ b/2019/4xxx/CVE-2019-4604.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4604", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4604", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4618.json b/2019/4xxx/CVE-2019-4618.json index 36f17dcc8cb..8191d72221a 100644 --- a/2019/4xxx/CVE-2019-4618.json +++ b/2019/4xxx/CVE-2019-4618.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4618", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4618", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4811.json b/2019/4xxx/CVE-2019-4811.json index c760b3fe5b9..4b31352fb54 100644 --- a/2019/4xxx/CVE-2019-4811.json +++ b/2019/4xxx/CVE-2019-4811.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4811", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4811", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5520.json b/2019/5xxx/CVE-2019-5520.json index a6632324147..bd7aeff0bdc 100644 --- a/2019/5xxx/CVE-2019-5520.json +++ b/2019/5xxx/CVE-2019-5520.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5520", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5520", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5563.json b/2019/5xxx/CVE-2019-5563.json index fc2c1847b74..c65c8df414e 100644 --- a/2019/5xxx/CVE-2019-5563.json +++ b/2019/5xxx/CVE-2019-5563.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5563", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5563", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5904.json b/2019/5xxx/CVE-2019-5904.json index 44ae82deab9..06c061db914 100644 --- a/2019/5xxx/CVE-2019-5904.json +++ b/2019/5xxx/CVE-2019-5904.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5904", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5904", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5992.json b/2019/5xxx/CVE-2019-5992.json index 5ba785ce80c..e1091f2d01d 100644 --- a/2019/5xxx/CVE-2019-5992.json +++ b/2019/5xxx/CVE-2019-5992.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5992", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5992", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8173.json b/2019/8xxx/CVE-2019-8173.json index cefd3cf3a29..102c1fcf37d 100644 --- a/2019/8xxx/CVE-2019-8173.json +++ b/2019/8xxx/CVE-2019-8173.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8173", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8173", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8509.json b/2019/8xxx/CVE-2019-8509.json index 0fe7e9bcae1..54adbc0c423 100644 --- a/2019/8xxx/CVE-2019-8509.json +++ b/2019/8xxx/CVE-2019-8509.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8509", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8509", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8663.json b/2019/8xxx/CVE-2019-8663.json index 8468607f594..49049339cd8 100644 --- a/2019/8xxx/CVE-2019-8663.json +++ b/2019/8xxx/CVE-2019-8663.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8663", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8663", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9052.json b/2019/9xxx/CVE-2019-9052.json index e54a403b4e3..bee6f5d8315 100644 --- a/2019/9xxx/CVE-2019-9052.json +++ b/2019/9xxx/CVE-2019-9052.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9052", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete pictures via a /admin.php?action=deleteimage&var1= URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9052", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/pluck-cms/pluck/issues/69", - "refsource" : "MISC", - "url" : "https://github.com/pluck-cms/pluck/issues/69" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete pictures via a /admin.php?action=deleteimage&var1= URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/pluck-cms/pluck/issues/69", + "refsource": "MISC", + "url": "https://github.com/pluck-cms/pluck/issues/69" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9098.json b/2019/9xxx/CVE-2019-9098.json index dfd84bb90a4..7f2832342fb 100644 --- a/2019/9xxx/CVE-2019-9098.json +++ b/2019/9xxx/CVE-2019-9098.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9098", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9098", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9250.json b/2019/9xxx/CVE-2019-9250.json index 8d42fc16064..dd1e22a7a3d 100644 --- a/2019/9xxx/CVE-2019-9250.json +++ b/2019/9xxx/CVE-2019-9250.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9250", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9250", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9424.json b/2019/9xxx/CVE-2019-9424.json index 63feb6c0673..1a82025ed9e 100644 --- a/2019/9xxx/CVE-2019-9424.json +++ b/2019/9xxx/CVE-2019-9424.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9424", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9424", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file