diff --git a/2007/0xxx/CVE-2007-0583.json b/2007/0xxx/CVE-2007-0583.json index ccd58862332..4814da19caa 100644 --- a/2007/0xxx/CVE-2007-0583.json +++ b/2007/0xxx/CVE-2007-0583.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0583", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander 6.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) LogoffMessage parameter to logofflast.aspx or the (2) txtUsername parameter to Default.aspx. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0583", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "22298", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22298" - }, - { - "name" : "32985", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32985" - }, - { - "name" : "32986", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32986" - }, - { - "name" : "23964", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23964" - }, - { - "name" : "httpcommander-multiple-xss(31877)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31877" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander 6.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) LogoffMessage parameter to logofflast.aspx or the (2) txtUsername parameter to Default.aspx. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32986", + "refsource": "OSVDB", + "url": "http://osvdb.org/32986" + }, + { + "name": "httpcommander-multiple-xss(31877)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31877" + }, + { + "name": "22298", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22298" + }, + { + "name": "23964", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23964" + }, + { + "name": "32985", + "refsource": "OSVDB", + "url": "http://osvdb.org/32985" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0739.json b/2007/0xxx/CVE-2007-0739.json index a71e1cf95ee..ff5f26cb8e4 100644 --- a/2007/0xxx/CVE-2007-0739.json +++ b/2007/0xxx/CVE-2007-0739.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0739", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update window beneath the loginwindow authentication dialog in certain circumstances related to running scheduled tasks, which allows local users to bypass authentication controls." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0739", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=305391", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=305391" - }, - { - "name" : "APPLE-SA-2007-04-19", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" - }, - { - "name" : "TA07-109A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" - }, - { - "name" : "23569", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23569" - }, - { - "name" : "ADV-2007-1470", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1470" - }, - { - "name" : "34864", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34864" - }, - { - "name" : "1017939", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017939" - }, - { - "name" : "24966", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24966" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Login Window in Apple Mac OS X 10.4 through 10.4.9 displays the software update window beneath the loginwindow authentication dialog in certain circumstances related to running scheduled tasks, which allows local users to bypass authentication controls." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24966", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24966" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=305391", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=305391" + }, + { + "name": "23569", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23569" + }, + { + "name": "TA07-109A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-109A.html" + }, + { + "name": "34864", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34864" + }, + { + "name": "1017939", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017939" + }, + { + "name": "APPLE-SA-2007-04-19", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/Apr/msg00001.html" + }, + { + "name": "ADV-2007-1470", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1470" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0793.json b/2007/0xxx/CVE-2007-0793.json index ea44eb14169..850504e159b 100644 --- a/2007/0xxx/CVE-2007-0793.json +++ b/2007/0xxx/CVE-2007-0793.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0793", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0793", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070204 dvddb-0.6 media remote file include vuln.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459149/100/0/threaded" - }, - { - "name" : "33679", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33679" - }, - { - "name" : "2221", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2221" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in inc/common.php in GlobalMegaCorp dvddb 0.6 allows remote attackers to execute arbitrary PHP code via a URL in the config parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070204 dvddb-0.6 media remote file include vuln.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459149/100/0/threaded" + }, + { + "name": "33679", + "refsource": "OSVDB", + "url": "http://osvdb.org/33679" + }, + { + "name": "2221", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2221" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0968.json b/2007/0xxx/CVE-2007-0968.json index 5c5526d5116..87ee93f596a 100644 --- a/2007/0xxx/CVE-2007-0968.json +++ b/2007/0xxx/CVE-2007-0968.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0968", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0968", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070214 Multiple Vulnerabilities in Firewall Services Module", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml" - }, - { - "name" : "22561", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22561" - }, - { - "name" : "ADV-2007-0609", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0609" - }, - { - "name" : "1017650", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017650" - }, - { - "name" : "24172", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24172" - }, - { - "name" : "cisco-fwsm-acl-security-bypass(32521)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32521" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Cisco Firewall Services Module (FWSM) before 2.3(4.7) and 3.x before 3.1(3.1) causes the access control entries (ACE) in an ACL to be improperly evaluated, which allows remote authenticated users to bypass intended certain ACL protections." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0609", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0609" + }, + { + "name": "22561", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22561" + }, + { + "name": "cisco-fwsm-acl-security-bypass(32521)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32521" + }, + { + "name": "1017650", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017650" + }, + { + "name": "24172", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24172" + }, + { + "name": "20070214 Multiple Vulnerabilities in Firewall Services Module", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3016.json b/2007/3xxx/CVE-2007-3016.json index c89f063a856..9b07f9f0285 100644 --- a/2007/3xxx/CVE-2007-3016.json +++ b/2007/3xxx/CVE-2007-3016.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3016", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3016", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3147.json b/2007/3xxx/CVE-2007-3147.json index db3a6f4c51d..57dfb5d6f21 100644 --- a/2007/3xxx/CVE-2007-3147.json +++ b/2007/3xxx/CVE-2007-3147.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3147", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3147", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070608 EEYE: Yahoo Webcam ActiveX Controls Multiple Buffer Overflows", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/470861/100/0/threaded" - }, - { - "name" : "20070606 Yahoo 0day ActiveX Webcam Exploit", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063817.html" - }, - { - "name" : "4042", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4042" - }, - { - "name" : "http://research.eeye.com/html/advisories/published/AD20070608.html", - "refsource" : "MISC", - "url" : "http://research.eeye.com/html/advisories/published/AD20070608.html" - }, - { - "name" : "http://research.eeye.com/html/advisories/upcoming/20070605.html", - "refsource" : "MISC", - "url" : "http://research.eeye.com/html/advisories/upcoming/20070605.html" - }, - { - "name" : "http://messenger.yahoo.com/security_update.php?id=060707", - "refsource" : "CONFIRM", - "url" : "http://messenger.yahoo.com/security_update.php?id=060707" - }, - { - "name" : "VU#949817", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/949817" - }, - { - "name" : "24354", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24354" - }, - { - "name" : "24341", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24341" - }, - { - "name" : "ADV-2007-2094", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2094" - }, - { - "name" : "1018204", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018204" - }, - { - "name" : "1018203", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018203" - }, - { - "name" : "25547", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25547" - }, - { - "name" : "2809", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2809" - }, - { - "name" : "yahoo-webcam-upload-bo(34758)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34758" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the Yahoo! Webcam Upload ActiveX control in ywcupl.dll 2.0.1.4 for Yahoo! Messenger 8.1.0.249 allows remote attackers to execute arbitrary code via a long server property value to the send method. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070606 Yahoo 0day ActiveX Webcam Exploit", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063817.html" + }, + { + "name": "4042", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4042" + }, + { + "name": "24354", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24354" + }, + { + "name": "http://research.eeye.com/html/advisories/upcoming/20070605.html", + "refsource": "MISC", + "url": "http://research.eeye.com/html/advisories/upcoming/20070605.html" + }, + { + "name": "VU#949817", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/949817" + }, + { + "name": "http://messenger.yahoo.com/security_update.php?id=060707", + "refsource": "CONFIRM", + "url": "http://messenger.yahoo.com/security_update.php?id=060707" + }, + { + "name": "ADV-2007-2094", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2094" + }, + { + "name": "25547", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25547" + }, + { + "name": "20070608 EEYE: Yahoo Webcam ActiveX Controls Multiple Buffer Overflows", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/470861/100/0/threaded" + }, + { + "name": "1018204", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018204" + }, + { + "name": "yahoo-webcam-upload-bo(34758)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34758" + }, + { + "name": "24341", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24341" + }, + { + "name": "1018203", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018203" + }, + { + "name": "2809", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2809" + }, + { + "name": "http://research.eeye.com/html/advisories/published/AD20070608.html", + "refsource": "MISC", + "url": "http://research.eeye.com/html/advisories/published/AD20070608.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3319.json b/2007/3xxx/CVE-2007-3319.json index 502fcb51972..9618b00d0c4 100644 --- a/2007/3xxx/CVE-2007-3319.json +++ b/2007/3xxx/CVE-2007-3319.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3319", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3319", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=299&", - "refsource" : "MISC", - "url" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=299&" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm" - }, - { - "name" : "24539", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24539" - }, - { - "name" : "38115", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38115" - }, - { - "name" : "25747", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25747" - }, - { - "name" : "avaya-cnonce-call-hijacking(34972)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34972" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Avaya 4602SW IP Phone (Model 4602D02A) with 2.2.2 and earlier SIP firmware does not use the cnonce parameter in the Authorization header of SIP requests during MD5 digest authentication, which allows remote attackers to conduct man-in-the-middle attacks and hijack or intercept communications." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=299&", + "refsource": "MISC", + "url": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=299&" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-263.htm" + }, + { + "name": "38115", + "refsource": "OSVDB", + "url": "http://osvdb.org/38115" + }, + { + "name": "avaya-cnonce-call-hijacking(34972)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34972" + }, + { + "name": "25747", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25747" + }, + { + "name": "24539", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24539" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4120.json b/2007/4xxx/CVE-2007-4120.json index e1d173fb129..fee41dc0ec5 100644 --- a/2007/4xxx/CVE-2007-4120.json +++ b/2007/4xxx/CVE-2007-4120.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4120", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, the (2) nextitem parameter to includes/functions_cron.php, and the (3) specialtemplates parameter to includes/functions_forumdisplay.php. NOTE: this issue is disputed by a reliable third party who states \"further investigation has revealed that the application is not vulnerable to this issue.\" The original researcher also has a history of erroneous claims." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4120", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070730 RFI ====> vBulletin v3.6.5", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475105/100/0/threaded" - }, - { - "name" : "20070731 Re: RFI ====> vBulletin v3.6.5", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475151/100/0/threaded" - }, - { - "name" : "25141", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25141" - }, - { - "name" : "2941", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2941" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in Jelsoft vBulletin 3.6.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) classfile parameter to includes/functions.php, the (2) nextitem parameter to includes/functions_cron.php, and the (3) specialtemplates parameter to includes/functions_forumdisplay.php. NOTE: this issue is disputed by a reliable third party who states \"further investigation has revealed that the application is not vulnerable to this issue.\" The original researcher also has a history of erroneous claims." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25141", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25141" + }, + { + "name": "20070731 Re: RFI ====> vBulletin v3.6.5", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475151/100/0/threaded" + }, + { + "name": "2941", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2941" + }, + { + "name": "20070730 RFI ====> vBulletin v3.6.5", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475105/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4133.json b/2007/4xxx/CVE-2007-4133.json index b79a1052928..7be78ddaa54 100644 --- a/2007/4xxx/CVE-2007-4133.json +++ b/2007/4xxx/CVE-2007-4133.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4133", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-4133", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tree.celinuxforum.org/gitstat/commit-detail.php?commit=856fc29505556cf263f3dcda2533cf3766c14ab6", - "refsource" : "CONFIRM", - "url" : "http://tree.celinuxforum.org/gitstat/commit-detail.php?commit=856fc29505556cf263f3dcda2533cf3766c14ab6" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.19-rc4", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.19-rc4" - }, - { - "name" : "DSA-1381", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1381" - }, - { - "name" : "DSA-1504", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1504" - }, - { - "name" : "MDKSA-2007:216", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216" - }, - { - "name" : "MDVSA-2008:008", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008" - }, - { - "name" : "MDVSA-2008:105", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105" - }, - { - "name" : "RHSA-2007:0940", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0940.html" - }, - { - "name" : "USN-558-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-558-1" - }, - { - "name" : "USN-578-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-578-1" - }, - { - "name" : "25904", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25904" - }, - { - "name" : "oval:org.mitre.oval:def:10451", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10451" - }, - { - "name" : "27322", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27322" - }, - { - "name" : "26994", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26994" - }, - { - "name" : "28170", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28170" - }, - { - "name" : "28971", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28971" - }, - { - "name" : "29058", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29058" - }, - { - "name" : "kernel-hugetlbfs-dos(36925)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36925" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2007:0940", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0940.html" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.19-rc4", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.19-rc4" + }, + { + "name": "27322", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27322" + }, + { + "name": "26994", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26994" + }, + { + "name": "DSA-1504", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1504" + }, + { + "name": "MDVSA-2008:008", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:008" + }, + { + "name": "MDKSA-2007:216", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:216" + }, + { + "name": "USN-558-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-558-1" + }, + { + "name": "DSA-1381", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1381" + }, + { + "name": "MDVSA-2008:105", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:105" + }, + { + "name": "http://tree.celinuxforum.org/gitstat/commit-detail.php?commit=856fc29505556cf263f3dcda2533cf3766c14ab6", + "refsource": "CONFIRM", + "url": "http://tree.celinuxforum.org/gitstat/commit-detail.php?commit=856fc29505556cf263f3dcda2533cf3766c14ab6" + }, + { + "name": "25904", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25904" + }, + { + "name": "29058", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29058" + }, + { + "name": "28971", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28971" + }, + { + "name": "28170", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28170" + }, + { + "name": "kernel-hugetlbfs-dos(36925)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36925" + }, + { + "name": "USN-578-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-578-1" + }, + { + "name": "oval:org.mitre.oval:def:10451", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10451" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4307.json b/2007/4xxx/CVE-2007-4307.json index 7d8797cbfce..1e3eb404854 100644 --- a/2007/4xxx/CVE-2007-4307.json +++ b/2007/4xxx/CVE-2007-4307.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4307", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to (1) addaddress.php, (2) editshipdetails.php, (3) register.php, or (4) login.php in secure/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4307", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://pridels-team.blogspot.com/2007/08/storesprite-xss-vuln.html", - "refsource" : "MISC", - "url" : "http://pridels-team.blogspot.com/2007/08/storesprite-xss-vuln.html" - }, - { - "name" : "http://www.storesprite.com/forum/comments.php?DiscussionID=272&page=1#Item_0", - "refsource" : "CONFIRM", - "url" : "http://www.storesprite.com/forum/comments.php?DiscussionID=272&page=1#Item_0" - }, - { - "name" : "25266", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25266" - }, - { - "name" : "ADV-2007-2853", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2853" - }, - { - "name" : "36458", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36458" - }, - { - "name" : "36459", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36459" - }, - { - "name" : "36460", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36460" - }, - { - "name" : "36461", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36461" - }, - { - "name" : "26408", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26408" - }, - { - "name" : "storesprite-next-xss(35933)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35933" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to (1) addaddress.php, (2) editshipdetails.php, (3) register.php, or (4) login.php in secure/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "storesprite-next-xss(35933)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35933" + }, + { + "name": "25266", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25266" + }, + { + "name": "36460", + "refsource": "OSVDB", + "url": "http://osvdb.org/36460" + }, + { + "name": "http://www.storesprite.com/forum/comments.php?DiscussionID=272&page=1#Item_0", + "refsource": "CONFIRM", + "url": "http://www.storesprite.com/forum/comments.php?DiscussionID=272&page=1#Item_0" + }, + { + "name": "ADV-2007-2853", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2853" + }, + { + "name": "http://pridels-team.blogspot.com/2007/08/storesprite-xss-vuln.html", + "refsource": "MISC", + "url": "http://pridels-team.blogspot.com/2007/08/storesprite-xss-vuln.html" + }, + { + "name": "36459", + "refsource": "OSVDB", + "url": "http://osvdb.org/36459" + }, + { + "name": "36461", + "refsource": "OSVDB", + "url": "http://osvdb.org/36461" + }, + { + "name": "26408", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26408" + }, + { + "name": "36458", + "refsource": "OSVDB", + "url": "http://osvdb.org/36458" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4322.json b/2007/4xxx/CVE-2007-4322.json index c32296e711d..0e0abd381fb 100644 --- a/2007/4xxx/CVE-2007-4322.json +++ b/2007/4xxx/CVE-2007-4322.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4322", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4322", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ossec.net/en/attacking-loganalysis.html", - "refsource" : "MISC", - "url" : "http://www.ossec.net/en/attacking-loganalysis.html" - }, - { - "name" : "http://www.aczoom.com/tools/blockhosts/CHANGES", - "refsource" : "CONFIRM", - "url" : "http://www.aczoom.com/tools/blockhosts/CHANGES" - }, - { - "name" : "36515", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36515" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "BlockHosts before 2.0.4 does not properly parse (1) sshd and (2) vsftpd log files, which allows remote attackers to add arbitrary deny entries to the /etc/hosts.allow file and cause a denial of service by adding arbitrary IP addresses to a daemon log file, as demonstrated by connecting through ssh with a client protocol version identification containing an IP address string, or connecting through ftp with a username containing an IP address string, different vectors than CVE-2007-2765." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.aczoom.com/tools/blockhosts/CHANGES", + "refsource": "CONFIRM", + "url": "http://www.aczoom.com/tools/blockhosts/CHANGES" + }, + { + "name": "http://www.ossec.net/en/attacking-loganalysis.html", + "refsource": "MISC", + "url": "http://www.ossec.net/en/attacking-loganalysis.html" + }, + { + "name": "36515", + "refsource": "OSVDB", + "url": "http://osvdb.org/36515" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4760.json b/2007/4xxx/CVE-2007-4760.json index fcb0efea4aa..26d24df2810 100644 --- a/2007/4xxx/CVE-2007-4760.json +++ b/2007/4xxx/CVE-2007-4760.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4760", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4760", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html" - }, - { - "name" : "25518", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25518" - }, - { - "name" : "ADV-2007-3033", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3033" - }, - { - "name" : "26671", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26671" - }, - { - "name" : "hitachi-javadoc-xss(36393)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36393" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The javadoc tool in Cosminexus Developer's Kit for Java in Cosminexus 7 and 7.5 can generate HTML documents that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this is probably the same issue as CVE-2007-3503." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-3033", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3033" + }, + { + "name": "26671", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26671" + }, + { + "name": "hitachi-javadoc-xss(36393)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36393" + }, + { + "name": "25518", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25518" + }, + { + "name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-027_e/index-e.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4991.json b/2007/4xxx/CVE-2007-4991.json index 753946396ba..67248ee6fd3 100644 --- a/2007/4xxx/CVE-2007-4991.json +++ b/2007/4xxx/CVE-2007-4991.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4991", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information (the destination IP address of another user's session) via an empty packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4991", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-07-053.html", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-07-053.html" - }, - { - "name" : "25753", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25753" - }, - { - "name" : "45906", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45906" - }, - { - "name" : "1018727", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018727" - }, - { - "name" : "isa-socks-information-disclosure(36715)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36715" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SOCKS4 Proxy in Microsoft Internet Security and Acceleration (ISA) Server 2004 SP1 and SP2 allows remote attackers to obtain potentially sensitive information (the destination IP address of another user's session) via an empty packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25753", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25753" + }, + { + "name": "1018727", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018727" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-07-053.html", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-07-053.html" + }, + { + "name": "isa-socks-information-disclosure(36715)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36715" + }, + { + "name": "45906", + "refsource": "OSVDB", + "url": "http://osvdb.org/45906" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6002.json b/2007/6xxx/CVE-2007-6002.json index e3564d435f8..355d4329e58 100644 --- a/2007/6xxx/CVE-2007-6002.json +++ b/2007/6xxx/CVE-2007-6002.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6002", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.17 R2 and earlier and (2) Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field in a search for additions to the Favorites section." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6002", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.fenrir.co.jp/grani/note.html", - "refsource" : "CONFIRM", - "url" : "http://www.fenrir.co.jp/grani/note.html" - }, - { - "name" : "http://www.fenrir.co.jp/sleipnir/note.html", - "refsource" : "CONFIRM", - "url" : "http://www.fenrir.co.jp/sleipnir/note.html" - }, - { - "name" : "JVN#65427327", - "refsource" : "JVN", - "url" : "http://jvn.jp/jp/JVN%2365427327/index.html" - }, - { - "name" : "26418", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26418" - }, - { - "name" : "38875", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38875" - }, - { - "name" : "38876", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38876" - }, - { - "name" : "27655", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27655" - }, - { - "name" : "27675", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27675" - }, - { - "name" : "sleipnir-search-xss(38441)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38441" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Fenriru (1) Sleipnir 2.5.17 R2 and earlier and (2) Grani 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the Search field in a search for additions to the Favorites section." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#65427327", + "refsource": "JVN", + "url": "http://jvn.jp/jp/JVN%2365427327/index.html" + }, + { + "name": "sleipnir-search-xss(38441)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38441" + }, + { + "name": "38875", + "refsource": "OSVDB", + "url": "http://osvdb.org/38875" + }, + { + "name": "26418", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26418" + }, + { + "name": "38876", + "refsource": "OSVDB", + "url": "http://osvdb.org/38876" + }, + { + "name": "http://www.fenrir.co.jp/grani/note.html", + "refsource": "CONFIRM", + "url": "http://www.fenrir.co.jp/grani/note.html" + }, + { + "name": "27675", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27675" + }, + { + "name": "http://www.fenrir.co.jp/sleipnir/note.html", + "refsource": "CONFIRM", + "url": "http://www.fenrir.co.jp/sleipnir/note.html" + }, + { + "name": "27655", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27655" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5369.json b/2014/5xxx/CVE-2014-5369.json index 7fe5a861af1..cc7a733e6f5 100644 --- a/2014/5xxx/CVE-2014-5369.json +++ b/2014/5xxx/CVE-2014-5369.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5369", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the network." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5369", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140818 Enigmail warning", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/08/18/2" - }, - { - "name" : "[oss-security] 20140821 Re: Enigmail warning", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/08/22/1" - }, - { - "name" : "http://sourceforge.net/p/enigmail/bugs/294/", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/p/enigmail/bugs/294/" - }, - { - "name" : "http://sourceforge.net/p/enigmail/forum/support/thread/3e7268a4/", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/p/enigmail/forum/support/thread/3e7268a4/" - }, - { - "name" : "https://advisories.mageia.org/MGASA-2014-0421.html", - "refsource" : "CONFIRM", - "url" : "https://advisories.mageia.org/MGASA-2014-0421.html" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "openSUSE-SU-2014:1086", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00004.html" - }, - { - "name" : "openSUSE-SU-2014:1096", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2014-09/msg00008.html" - }, - { - "name" : "60779", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60779" - }, - { - "name" : "60887", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60887" - }, - { - "name" : "61854", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61854" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Enigmail 1.7.x before 1.7.2 sends emails in plaintext when encryption is enabled and only BCC recipients are specified, which allows remote attackers to obtain sensitive information by sniffing the network." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2014:1096", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00008.html" + }, + { + "name": "60779", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60779" + }, + { + "name": "http://sourceforge.net/p/enigmail/forum/support/thread/3e7268a4/", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/p/enigmail/forum/support/thread/3e7268a4/" + }, + { + "name": "60887", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60887" + }, + { + "name": "https://advisories.mageia.org/MGASA-2014-0421.html", + "refsource": "CONFIRM", + "url": "https://advisories.mageia.org/MGASA-2014-0421.html" + }, + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "http://sourceforge.net/p/enigmail/bugs/294/", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/p/enigmail/bugs/294/" + }, + { + "name": "openSUSE-SU-2014:1086", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2014-09/msg00004.html" + }, + { + "name": "[oss-security] 20140821 Re: Enigmail warning", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/08/22/1" + }, + { + "name": "[oss-security] 20140818 Enigmail warning", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/08/18/2" + }, + { + "name": "61854", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61854" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5436.json b/2014/5xxx/CVE-2014-5436.json index 5e6d860c671..e423e2eecc6 100644 --- a/2014/5xxx/CVE-2014-5436.json +++ b/2014/5xxx/CVE-2014-5436.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5436", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5436", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5587.json b/2014/5xxx/CVE-2014-5587.json index 842cd614d36..2972a66a94a 100644 --- a/2014/5xxx/CVE-2014-5587.json +++ b/2014/5xxx/CVE-2014-5587.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5587", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The brokenscreencrank (aka com.biggame.brokenscreencrank) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5587", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#835585", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/835585" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The brokenscreencrank (aka com.biggame.brokenscreencrank) application 1.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#835585", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/835585" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5887.json b/2014/5xxx/CVE-2014-5887.json index 3e61dc7e2cb..713d536b898 100644 --- a/2014/5xxx/CVE-2014-5887.json +++ b/2014/5xxx/CVE-2014-5887.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5887", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Yell Local Search (aka com.yell.launcher2) application 4.2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5887", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#490713", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/490713" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Yell Local Search (aka com.yell.launcher2) application 4.2.1.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#490713", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/490713" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2368.json b/2015/2xxx/CVE-2015-2368.json index c75a99b59bf..fffcb29e826 100644 --- a/2015/2xxx/CVE-2015-2368.json +++ b/2015/2xxx/CVE-2015-2368.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2368", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka \"Windows DLL Remote Code Execution Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2368", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-069", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-069" - }, - { - "name" : "1032898", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032898" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka \"Windows DLL Remote Code Execution Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032898", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032898" + }, + { + "name": "MS15-069", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-069" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2511.json b/2015/2xxx/CVE-2015-2511.json index 8d08082338b..9069c30a9fb 100644 --- a/2015/2xxx/CVE-2015-2511.json +++ b/2015/2xxx/CVE-2015-2511.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2511", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka \"Win32k Memory Corruption Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2015-2517, CVE-2015-2518, and CVE-2015-2546." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2511", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38276", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38276/" - }, - { - "name" : "MS15-097", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097" - }, - { - "name" : "76597", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76597" - }, - { - "name" : "1033485", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033485" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka \"Win32k Memory Corruption Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2015-2517, CVE-2015-2518, and CVE-2015-2546." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033485", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033485" + }, + { + "name": "MS15-097", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097" + }, + { + "name": "38276", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38276/" + }, + { + "name": "76597", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76597" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2705.json b/2015/2xxx/CVE-2015-2705.json index b5fe480ea4b..7c1a1b343fb 100644 --- a/2015/2xxx/CVE-2015-2705.json +++ b/2015/2xxx/CVE-2015-2705.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2705", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2705", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2774.json b/2015/2xxx/CVE-2015-2774.json index d231ebeb2d2..fffba9c3668 100644 --- a/2015/2xxx/CVE-2015-2774.json +++ b/2015/2xxx/CVE-2015-2774.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2774", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2774", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150327 CVE request: Erlang POODLE TLS vulnerability", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2015/03/27/6" - }, - { - "name" : "[oss-security] 20150327 Re: CVE request: Erlang POODLE TLS vulnerability", - "refsource" : "MLIST", - "url" : "http://openwall.com/lists/oss-security/2015/03/27/9" - }, - { - "name" : "https://www.imperialviolet.org/2014/12/08/poodleagain.html", - "refsource" : "MISC", - "url" : "https://www.imperialviolet.org/2014/12/08/poodleagain.html" - }, - { - "name" : "https://web.archive.org/web/20150905124006/http://www.erlang.org/news/85", - "refsource" : "CONFIRM", - "url" : "https://web.archive.org/web/20150905124006/http://www.erlang.org/news/85" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" - }, - { - "name" : "openSUSE-SU-2016:0523", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00124.html" - }, - { - "name" : "USN-3571-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3571-1/" - }, - { - "name" : "73398", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73398" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Erlang/OTP before 18.0-rc1 does not properly check CBC padding bytes when terminating connections, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, a variant of CVE-2014-3566 (aka POODLE)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3571-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3571-1/" + }, + { + "name": "https://web.archive.org/web/20150905124006/http://www.erlang.org/news/85", + "refsource": "CONFIRM", + "url": "https://web.archive.org/web/20150905124006/http://www.erlang.org/news/85" + }, + { + "name": "https://www.imperialviolet.org/2014/12/08/poodleagain.html", + "refsource": "MISC", + "url": "https://www.imperialviolet.org/2014/12/08/poodleagain.html" + }, + { + "name": "73398", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73398" + }, + { + "name": "openSUSE-SU-2016:0523", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00124.html" + }, + { + "name": "[oss-security] 20150327 Re: CVE request: Erlang POODLE TLS vulnerability", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2015/03/27/9" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" + }, + { + "name": "[oss-security] 20150327 CVE request: Erlang POODLE TLS vulnerability", + "refsource": "MLIST", + "url": "http://openwall.com/lists/oss-security/2015/03/27/6" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2863.json b/2015/2xxx/CVE-2015-2863.json index ea5430cef3d..1d57f73131b 100644 --- a/2015/2xxx/CVE-2015-2863.json +++ b/2015/2xxx/CVE-2015-2863.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2863", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-2863", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#919604", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/919604" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Open redirect vulnerability in Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#919604", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/919604" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6310.json b/2015/6xxx/CVE-2015-6310.json index a6b64f2f5ce..b96825a4899 100644 --- a/2015/6xxx/CVE-2015-6310.json +++ b/2015/6xxx/CVE-2015-6310.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6310", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.5(1) allows remote attackers to cause a denial of service (SIP proxy service restart) via a crafted HTTP request, aka Bug ID CSCuw31632." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6310", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151002 Cisco Unified Communications Manager IM and Presence Service REST API Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=41242" - }, - { - "name" : "1033732", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033732" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.5(1) allows remote attackers to cause a denial of service (SIP proxy service restart) via a crafted HTTP request, aka Bug ID CSCuw31632." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033732", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033732" + }, + { + "name": "20151002 Cisco Unified Communications Manager IM and Presence Service REST API Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=41242" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6397.json b/2015/6xxx/CVE-2015-6397.json index 4d5e303b85a..1d1748860b2 100644 --- a/2015/6xxx/CVE-2015-6397.json +++ b/2015/6xxx/CVE-2015-6397.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC configuration for the default account, which allows remote authenticated users to obtain root access via a login session with that account, aka Bug IDs CSCuv90139, CSCux58175, and CSCux73557." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160803 Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w2" - }, - { - "name" : "92273", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92273" - }, - { - "name" : "1036524", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036524" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC configuration for the default account, which allows remote authenticated users to obtain root access via a login session with that account, aka Bug IDs CSCuv90139, CSCux58175, and CSCux73557." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "92273", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92273" + }, + { + "name": "20160803 Cisco RV110W, RV130W, and RV215W Routers Static Credential Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-rv110_130w2" + }, + { + "name": "1036524", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036524" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7324.json b/2015/7xxx/CVE-2015-7324.json index 5d10c3762a7..843ce0b9c95 100644 --- a/2015/7xxx/CVE-2015-7324.json +++ b/2015/7xxx/CVE-2015-7324.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7324", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7324", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151005 Komento Joomla! component Persistent XSS", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Oct/11" - }, - { - "name" : "https://www.davidsopas.com/komento-joomla-component-persistent-xss/", - "refsource" : "MISC", - "url" : "https://www.davidsopas.com/komento-joomla-component-persistent-xss/" - }, - { - "name" : "https://stackideas.com/changelog/komento?version=2.0.5", - "refsource" : "CONFIRM", - "url" : "https://stackideas.com/changelog/komento?version=2.0.5" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in helpers/comment.php in the StackIdeas Komento (com_komento) component before 2.0.5 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) img or (2) url tag of a new comment." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://stackideas.com/changelog/komento?version=2.0.5", + "refsource": "CONFIRM", + "url": "https://stackideas.com/changelog/komento?version=2.0.5" + }, + { + "name": "https://www.davidsopas.com/komento-joomla-component-persistent-xss/", + "refsource": "MISC", + "url": "https://www.davidsopas.com/komento-joomla-component-persistent-xss/" + }, + { + "name": "20151005 Komento Joomla! component Persistent XSS", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Oct/11" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0262.json b/2016/0xxx/CVE-2016-0262.json index 78d244ca7bb..1a9ddd9c921 100644 --- a/2016/0xxx/CVE-2016-0262.json +++ b/2016/0xxx/CVE-2016-0262.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0262", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1.1 through 7.1.1.3, 7.5.0 before 7.5.0.9 IFIX004, and 7.6.0 before 7.6.0.3 IFIX001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0262", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21977828", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21977828" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1.1 through 7.1.1.3, 7.5.0 before 7.5.0.9 IFIX004, and 7.6.0 before 7.6.0.3 IFIX001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21977828", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21977828" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0289.json b/2016/0xxx/CVE-2016-0289.json index 1a877c850c0..3967644f756 100644 --- a/2016/0xxx/CVE-2016-0289.json +++ b/2016/0xxx/CVE-2016-0289.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0289", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "shiprec.xml in the SHIPREC application in IBM Maximo Asset Management 7.1 and 7.5 before 7.5.0.10 and 7.6 before 7.6.0.4 allows remote authenticated users to bypass intended item-selection restrictions via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0289", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21979519", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21979519" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "shiprec.xml in the SHIPREC application in IBM Maximo Asset Management 7.1 and 7.5 before 7.5.0.10 and 7.6 before 7.6.0.4 allows remote authenticated users to bypass intended item-selection restrictions via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21979519", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21979519" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0396.json b/2016/0xxx/CVE-2016-0396.json index f64489400c8..6e8bbae20ae 100644 --- a/2016/0xxx/CVE-2016-0396.json +++ b/2016/0xxx/CVE-2016-0396.json @@ -1,76 +1,76 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0396", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "BigFix Platform", - "version" : { - "version_data" : [ - { - "version_value" : "9.0" - }, - { - "version_value" : "9.1" - }, - { - "version_value" : "9.2" - }, - { - "version_value" : "9.5" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Privileges" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0396", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "BigFix Platform", + "version": { + "version_data": [ + { + "version_value": "9.0" + }, + { + "version_value": "9.1" + }, + { + "version_value": "9.2" + }, + { + "version_value": "9.5" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21993206", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21993206" - }, - { - "name" : "94155", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94155" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Privileges" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94155", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94155" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21993206", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21993206" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0701.json b/2016/0xxx/CVE-2016-0701.json index 4c49c01ce42..60635ca4a7d 100644 --- a/2016/0xxx/CVE-2016-0701.json +++ b/2016/0xxx/CVE-2016-0701.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0701", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0701", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html", - "refsource" : "MISC", - "url" : "http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html" - }, - { - "name" : "http://www.openssl.org/news/secadv/20160128.txt", - "refsource" : "CONFIRM", - "url" : "http://www.openssl.org/news/secadv/20160128.txt" - }, - { - "name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=878e2c5b13010329c203f309ed0c8f2113f85648", - "refsource" : "CONFIRM", - "url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=878e2c5b13010329c203f309ed0c8f2113f85648" - }, - { - "name" : "https://git.openssl.org/?p=openssl.git;a=commit;h=c5b831f21d0d29d1e517d139d9d101763f60c9a2", - "refsource" : "CONFIRM", - "url" : "https://git.openssl.org/?p=openssl.git;a=commit;h=c5b831f21d0d29d1e517d139d9d101763f60c9a2" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164821", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164821" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893" - }, - { - "name" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" - }, - { - "name" : "FEDORA-2016-527018d2ff", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176373.html" - }, - { - "name" : "GLSA-201601-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-05" - }, - { - "name" : "openSUSE-SU-2016:0637", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html" - }, - { - "name" : "USN-2883-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2883-1" - }, - { - "name" : "VU#257823", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/257823" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "82233", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/82233" - }, - { - "name" : "1034849", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034849" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2016-527018d2ff", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176373.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "1034849", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034849" + }, + { + "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=c5b831f21d0d29d1e517d139d9d101763f60c9a2", + "refsource": "CONFIRM", + "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=c5b831f21d0d29d1e517d139d9d101763f60c9a2" + }, + { + "name": "https://git.openssl.org/?p=openssl.git;a=commit;h=878e2c5b13010329c203f309ed0c8f2113f85648", + "refsource": "CONFIRM", + "url": "https://git.openssl.org/?p=openssl.git;a=commit;h=878e2c5b13010329c203f309ed0c8f2113f85648" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164821", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164821" + }, + { + "name": "http://www.openssl.org/news/secadv/20160128.txt", + "refsource": "CONFIRM", + "url": "http://www.openssl.org/news/secadv/20160128.txt" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390893" + }, + { + "name": "GLSA-201601-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-05" + }, + { + "name": "http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html", + "refsource": "MISC", + "url": "http://intothesymmetry.blogspot.com/2016/01/openssl-key-recovery-attack-on-dh-small.html" + }, + { + "name": "82233", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/82233" + }, + { + "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03724en_us" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "VU#257823", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/257823" + }, + { + "name": "openSUSE-SU-2016:0637", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html" + }, + { + "name": "USN-2883-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2883-1" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000169.json b/2016/1000xxx/CVE-2016-1000169.json index 1241f71c4ec..589b69d9b48 100644 --- a/2016/1000xxx/CVE-2016-1000169.json +++ b/2016/1000xxx/CVE-2016-1000169.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000169", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000169", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10056.json b/2016/10xxx/CVE-2016-10056.json index cea458ffbc6..3802b704635 100644 --- a/2016/10xxx/CVE-2016-10056.json +++ b/2016/10xxx/CVE-2016-10056.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10056", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10056", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/12/26/9" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1410465", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1410465" - }, - { - "name" : "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1", - "refsource" : "CONFIRM", - "url" : "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1" - }, - { - "name" : "95190", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95190" - }, - { - "name" : "95191", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95191" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the sixel_decode function in coders/sixel.c in ImageMagick before 6.9.5-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1", + "refsource": "CONFIRM", + "url": "https://github.com/ImageMagick/ImageMagick/commit/10b3823a7619ed22d42764733eb052c4159bc8c1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1410465", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410465" + }, + { + "name": "[oss-security] 20161226 Re: CVE requests for various ImageMagick issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/12/26/9" + }, + { + "name": "95190", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95190" + }, + { + "name": "95191", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95191" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10177.json b/2016/10xxx/CVE-2016-10177.json index 3b55398d1ff..18a938a32c1 100644 --- a/2016/10xxx/CVE-2016-10177.json +++ b/2016/10xxx/CVE-2016-10177.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10177", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10177", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html", - "refsource" : "MISC", - "url" : "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html" - }, - { - "name" : "95877", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95877" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html", + "refsource": "MISC", + "url": "https://pierrekim.github.io/blog/2016-09-28-dlink-dwr-932b-lte-routers-vulnerabilities.html" + }, + { + "name": "95877", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95877" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10240.json b/2016/10xxx/CVE-2016-10240.json index 633313c8948..f012588df0d 100644 --- a/2016/10xxx/CVE-2016-10240.json +++ b/2016/10xxx/CVE-2016-10240.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10240", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10240", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10608.json b/2016/10xxx/CVE-2016-10608.json index 4f035f7752d..c4077fb7a9d 100644 --- a/2016/10xxx/CVE-2016-10608.json +++ b/2016/10xxx/CVE-2016-10608.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "support@hackerone.com", - "DATE_PUBLIC" : "2018-04-26T00:00:00", - "ID" : "CVE-2016-10608", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "robot-js node module", - "version" : { - "version_data" : [ - { - "version_value" : "All versions" - } - ] - } - } - ] - }, - "vendor_name" : "HackerOne" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "robot-js is a module for native system automation for node.js. robot-js downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Encryption of Sensitive Data (CWE-311)" - } + "CVE_data_meta": { + "ASSIGNER": "support@hackerone.com", + "DATE_PUBLIC": "2018-04-26T00:00:00", + "ID": "CVE-2016-10608", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "robot-js node module", + "version": { + "version_data": [ + { + "version_value": "All versions" + } + ] + } + } + ] + }, + "vendor_name": "HackerOne" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://nodesecurity.io/advisories/201", - "refsource" : "MISC", - "url" : "https://nodesecurity.io/advisories/201" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "robot-js is a module for native system automation for node.js. robot-js downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Encryption of Sensitive Data (CWE-311)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://nodesecurity.io/advisories/201", + "refsource": "MISC", + "url": "https://nodesecurity.io/advisories/201" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4172.json b/2016/4xxx/CVE-2016-4172.json index 6cd2103364a..5caa28c764c 100644 --- a/2016/4xxx/CVE-2016-4172.json +++ b/2016/4xxx/CVE-2016-4172.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4172", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4172", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" - }, - { - "name" : "RHSA-2016:1423", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1423" - }, - { - "name" : "SUSE-SU-2016:1826", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" - }, - { - "name" : "openSUSE-SU-2016:1802", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" - }, - { - "name" : "91725", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91725" - }, - { - "name" : "1036280", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036280" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, and CVE-2016-4246." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1826", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00017.html" + }, + { + "name": "openSUSE-SU-2016:1802", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00016.html" + }, + { + "name": "91725", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91725" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-25.html" + }, + { + "name": "RHSA-2016:1423", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1423" + }, + { + "name": "1036280", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036280" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4358.json b/2016/4xxx/CVE-2016-4358.json index 095eafc61f2..5bcb444f49e 100644 --- a/2016/4xxx/CVE-2016-4358.json +++ b/2016/4xxx/CVE-2016-4358.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4358", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4358", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HPE Matrix Operating Environment before 7.5.1 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2029." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150888" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4857.json b/2016/4xxx/CVE-2016-4857.json index ed25b26ed51..ca978d8dd1b 100644 --- a/2016/4xxx/CVE-2016-4857.json +++ b/2016/4xxx/CVE-2016-4857.json @@ -1,83 +1,83 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2016-4857", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Splunk Enterprise", - "version" : { - "version_data" : [ - { - "version_value" : "6.4.x prior to 6.4.2" - }, - { - "version_value" : "6.3.x prior to 6.3.6" - }, - { - "version_value" : "6.2.x prior to 6.2.11" - } - ] - } - }, - { - "product_name" : "Splunk Light", - "version" : { - "version_data" : [ - { - "version_value" : "prior to 6.4.2" - } - ] - } - } - ] - }, - "vendor_name" : "Splunk Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.11 and Splunk Light prior to 6.4.2 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Open Redirect" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4857", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Splunk Enterprise", + "version": { + "version_data": [ + { + "version_value": "6.4.x prior to 6.4.2" + }, + { + "version_value": "6.3.x prior to 6.3.6" + }, + { + "version_value": "6.2.x prior to 6.2.11" + } + ] + } + }, + { + "product_name": "Splunk Light", + "version": { + "version_data": [ + { + "version_value": "prior to 6.4.2" + } + ] + } + } + ] + }, + "vendor_name": "Splunk Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.splunk.com/view/SP-CAAAPQM", - "refsource" : "CONFIRM", - "url" : "https://www.splunk.com/view/SP-CAAAPQM" - }, - { - "name" : "JVN#39926655", - "refsource" : "JVN", - "url" : "https://jvn.jp/en/jp/JVN39926655/index.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Open redirect vulnerability in Splunk Enterprise 6.4.x prior to 6.4.2, Splunk Enterprise 6.3.x prior to 6.3.6, Splunk Enterprise 6.2.x prior to 6.2.11 and Splunk Light prior to 6.4.2 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Open Redirect" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.splunk.com/view/SP-CAAAPQM", + "refsource": "CONFIRM", + "url": "https://www.splunk.com/view/SP-CAAAPQM" + }, + { + "name": "JVN#39926655", + "refsource": "JVN", + "url": "https://jvn.jp/en/jp/JVN39926655/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4907.json b/2016/4xxx/CVE-2016-4907.json index fb8b49ec1c8..7e14660a36a 100644 --- a/2016/4xxx/CVE-2016-4907.json +++ b/2016/4xxx/CVE-2016-4907.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2016-4907", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cybozu Garoon", - "version" : { - "version_data" : [ - { - "version_value" : "3.0.0 to 4.2.2" - } - ] - } - } - ] - }, - "vendor_name" : "Cybozu, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4907", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cybozu Garoon", + "version": { + "version_data": [ + { + "version_value": "3.0.0 to 4.2.2" + } + ] + } + } + ] + }, + "vendor_name": "Cybozu, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.cybozu.com/ja-jp/article/9441", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/9441" - }, - { - "name" : "JVN#13218253", - "refsource" : "JVN", - "url" : "https://jvn.jp/en/jp/JVN13218253/index.html" - }, - { - "name" : "94965", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94965" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.cybozu.com/ja-jp/article/9441", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/9441" + }, + { + "name": "94965", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94965" + }, + { + "name": "JVN#13218253", + "refsource": "JVN", + "url": "https://jvn.jp/en/jp/JVN13218253/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9199.json b/2016/9xxx/CVE-2016-9199.json index ad0829fc8b5..da9958fa281 100644 --- a/2016/9xxx/CVE-2016-9199.json +++ b/2016/9xxx/CVE-2016-9199.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@cisco.com", - "ID" : "CVE-2016-9199", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Cisco IOx", - "version" : { - "version_data" : [ - { - "version_value" : "Cisco IOx" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Affected Products: This vulnerability affects specific releases of the Cisco IOx subsystem of Cisco IOS and IOS XE Software. More Information: CSCvb23331. Known Affected Releases: 15.2(6.0.57i)E CAF-1.1.0.0." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "unspecified" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-9199", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco IOx", + "version": { + "version_data": [ + { + "version_value": "Cisco IOx" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-caf", - "refsource" : "CONFIRM", - "url" : "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-caf" - }, - { - "name" : "94788", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94788" - }, - { - "name" : "1037427", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037427" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability in the Cisco application-hosting framework (CAF) of Cisco IOx could allow an authenticated, remote attacker to read arbitrary files on a targeted system. Affected Products: This vulnerability affects specific releases of the Cisco IOx subsystem of Cisco IOS and IOS XE Software. More Information: CSCvb23331. Known Affected Releases: 15.2(6.0.57i)E CAF-1.1.0.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "unspecified" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-caf", + "refsource": "CONFIRM", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-caf" + }, + { + "name": "94788", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94788" + }, + { + "name": "1037427", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037427" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9503.json b/2016/9xxx/CVE-2016-9503.json index e0e0d858f63..3e124a485fa 100644 --- a/2016/9xxx/CVE-2016-9503.json +++ b/2016/9xxx/CVE-2016-9503.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9503", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9503", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9721.json b/2016/9xxx/CVE-2016-9721.json index c087fd38a77..48559ac87ec 100644 --- a/2016/9xxx/CVE-2016-9721.json +++ b/2016/9xxx/CVE-2016-9721.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9721", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9721", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2108.json b/2019/2xxx/CVE-2019-2108.json index 788096498d3..65b3acc7fbf 100644 --- a/2019/2xxx/CVE-2019-2108.json +++ b/2019/2xxx/CVE-2019-2108.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2108", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2108", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2355.json b/2019/2xxx/CVE-2019-2355.json index b28d0d8397a..9358b85e8f5 100644 --- a/2019/2xxx/CVE-2019-2355.json +++ b/2019/2xxx/CVE-2019-2355.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2355", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2355", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2798.json b/2019/2xxx/CVE-2019-2798.json index 78563493d72..7baf83df257 100644 --- a/2019/2xxx/CVE-2019-2798.json +++ b/2019/2xxx/CVE-2019-2798.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2798", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2798", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2959.json b/2019/2xxx/CVE-2019-2959.json index c08faf6f427..9b552097e10 100644 --- a/2019/2xxx/CVE-2019-2959.json +++ b/2019/2xxx/CVE-2019-2959.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2959", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2959", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3127.json b/2019/3xxx/CVE-2019-3127.json index 303a5f609fa..dc36e920f08 100644 --- a/2019/3xxx/CVE-2019-3127.json +++ b/2019/3xxx/CVE-2019-3127.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3127", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3127", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3534.json b/2019/3xxx/CVE-2019-3534.json index d0fa2233c6b..dd19cdbfdf1 100644 --- a/2019/3xxx/CVE-2019-3534.json +++ b/2019/3xxx/CVE-2019-3534.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3534", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3534", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3590.json b/2019/3xxx/CVE-2019-3590.json index 6aa6802895b..fcfa2d0cc82 100644 --- a/2019/3xxx/CVE-2019-3590.json +++ b/2019/3xxx/CVE-2019-3590.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3590", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3590", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3592.json b/2019/3xxx/CVE-2019-3592.json index e9207d7a707..e105ed80120 100644 --- a/2019/3xxx/CVE-2019-3592.json +++ b/2019/3xxx/CVE-2019-3592.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3592", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3592", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6328.json b/2019/6xxx/CVE-2019-6328.json index 962e9058fca..0433b68e011 100644 --- a/2019/6xxx/CVE-2019-6328.json +++ b/2019/6xxx/CVE-2019-6328.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6328", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6328", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6595.json b/2019/6xxx/CVE-2019-6595.json index bc0888db74b..5b58c9c9965 100644 --- a/2019/6xxx/CVE-2019-6595.json +++ b/2019/6xxx/CVE-2019-6595.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "f5sirt@f5.com", - "DATE_PUBLIC" : "2019-02-26T00:00:00", - "ID" : "CVE-2019-6595", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "BIG-IP (APM)", - "version" : { - "version_data" : [ - { - "version_value" : "11.5.x,11.6.x" - } - ] - } - } - ] - }, - "vendor_name" : "F5 Networks, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Manager (APM) 11.5.x and 11.6.x Admin Web UI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "XSS" - } + "CVE_data_meta": { + "ASSIGNER": "f5sirt@f5.com", + "DATE_PUBLIC": "2019-02-26T00:00:00", + "ID": "CVE-2019-6595", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "BIG-IP (APM)", + "version": { + "version_data": [ + { + "version_value": "11.5.x,11.6.x" + } + ] + } + } + ] + }, + "vendor_name": "F5 Networks, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.f5.com/csp/article/K31424926", - "refsource" : "CONFIRM", - "url" : "https://support.f5.com/csp/article/K31424926" - }, - { - "name" : "107173", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107173" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Manager (APM) 11.5.x and 11.6.x Admin Web UI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XSS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.f5.com/csp/article/K31424926", + "refsource": "CONFIRM", + "url": "https://support.f5.com/csp/article/K31424926" + }, + { + "name": "107173", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107173" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6751.json b/2019/6xxx/CVE-2019-6751.json index 5cc4e394bb3..2929947702d 100644 --- a/2019/6xxx/CVE-2019-6751.json +++ b/2019/6xxx/CVE-2019-6751.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6751", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6751", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6924.json b/2019/6xxx/CVE-2019-6924.json index 7c428941496..7062f8c0739 100644 --- a/2019/6xxx/CVE-2019-6924.json +++ b/2019/6xxx/CVE-2019-6924.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6924", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6924", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7173.json b/2019/7xxx/CVE-2019-7173.json index 800e7d15d41..4bed4a3b59b 100644 --- a/2019/7xxx/CVE-2019-7173.json +++ b/2019/7xxx/CVE-2019-7173.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7173", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7173", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/croogo/croogo/issues/889", - "refsource" : "MISC", - "url" : "https://github.com/croogo/croogo/issues/889" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/croogo/croogo/issues/889", + "refsource": "MISC", + "url": "https://github.com/croogo/croogo/issues/889" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7324.json b/2019/7xxx/CVE-2019-7324.json index 2f98fb6bca0..1cf9faeb5f0 100644 --- a/2019/7xxx/CVE-2019-7324.json +++ b/2019/7xxx/CVE-2019-7324.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7324", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "app/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination sorting." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7324", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/kanboard/kanboard/commit/83deec2e3621c40d15a06e2491f27571d32fe10f", - "refsource" : "MISC", - "url" : "https://github.com/kanboard/kanboard/commit/83deec2e3621c40d15a06e2491f27571d32fe10f" - }, - { - "name" : "https://github.com/kanboard/kanboard/releases/tag/v1.2.8", - "refsource" : "MISC", - "url" : "https://github.com/kanboard/kanboard/releases/tag/v1.2.8" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "app/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination sorting." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/kanboard/kanboard/commit/83deec2e3621c40d15a06e2491f27571d32fe10f", + "refsource": "MISC", + "url": "https://github.com/kanboard/kanboard/commit/83deec2e3621c40d15a06e2491f27571d32fe10f" + }, + { + "name": "https://github.com/kanboard/kanboard/releases/tag/v1.2.8", + "refsource": "MISC", + "url": "https://github.com/kanboard/kanboard/releases/tag/v1.2.8" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7491.json b/2019/7xxx/CVE-2019-7491.json index 30ff316cdec..d566b1122c2 100644 --- a/2019/7xxx/CVE-2019-7491.json +++ b/2019/7xxx/CVE-2019-7491.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7491", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7491", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7788.json b/2019/7xxx/CVE-2019-7788.json index 5ab22a4f0f3..152a49274d7 100644 --- a/2019/7xxx/CVE-2019-7788.json +++ b/2019/7xxx/CVE-2019-7788.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7788", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7788", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7857.json b/2019/7xxx/CVE-2019-7857.json index d398fee27c0..291d1167f1f 100644 --- a/2019/7xxx/CVE-2019-7857.json +++ b/2019/7xxx/CVE-2019-7857.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7857", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7857", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8005.json b/2019/8xxx/CVE-2019-8005.json index 42a89224f6d..b89c18a710b 100644 --- a/2019/8xxx/CVE-2019-8005.json +++ b/2019/8xxx/CVE-2019-8005.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8005", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8005", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8218.json b/2019/8xxx/CVE-2019-8218.json index 761bc9c232d..4a05c59ad88 100644 --- a/2019/8xxx/CVE-2019-8218.json +++ b/2019/8xxx/CVE-2019-8218.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8218", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8218", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8528.json b/2019/8xxx/CVE-2019-8528.json index 87d8b092df5..cf8ff0eec6f 100644 --- a/2019/8xxx/CVE-2019-8528.json +++ b/2019/8xxx/CVE-2019-8528.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8528", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8528", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8611.json b/2019/8xxx/CVE-2019-8611.json index 7332a532b1d..630aca3366f 100644 --- a/2019/8xxx/CVE-2019-8611.json +++ b/2019/8xxx/CVE-2019-8611.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8611", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8611", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9230.json b/2019/9xxx/CVE-2019-9230.json index c8d59b9127c..2aee63c5431 100644 --- a/2019/9xxx/CVE-2019-9230.json +++ b/2019/9xxx/CVE-2019-9230.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9230", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9230", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9604.json b/2019/9xxx/CVE-2019-9604.json index c5cacbfa798..d5977aaebcf 100644 --- a/2019/9xxx/CVE-2019-9604.json +++ b/2019/9xxx/CVE-2019-9604.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9604", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9604", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9823.json b/2019/9xxx/CVE-2019-9823.json index d47da36a23a..83770cb9c17 100644 --- a/2019/9xxx/CVE-2019-9823.json +++ b/2019/9xxx/CVE-2019-9823.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9823", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9823", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file