From d5892e804a6f04e55a7fcbe0cac70c43caa039cc Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 21:37:05 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0995.json | 140 +++++------ 1999/1xxx/CVE-1999-1200.json | 130 +++++----- 1999/1xxx/CVE-1999-1226.json | 130 +++++----- 1999/1xxx/CVE-1999-1233.json | 150 ++++++------ 1999/1xxx/CVE-1999-1509.json | 140 +++++------ 2000/0xxx/CVE-2000-0229.json | 160 ++++++------ 2000/0xxx/CVE-2000-0243.json | 160 ++++++------ 2000/0xxx/CVE-2000-0571.json | 140 +++++------ 2000/0xxx/CVE-2000-0720.json | 140 +++++------ 2000/0xxx/CVE-2000-0909.json | 180 +++++++------- 2000/0xxx/CVE-2000-0922.json | 140 +++++------ 2000/0xxx/CVE-2000-0954.json | 140 +++++------ 2000/1xxx/CVE-2000-1146.json | 160 ++++++------ 2007/1xxx/CVE-2007-1527.json | 170 ++++++------- 2007/1xxx/CVE-2007-1616.json | 170 ++++++------- 2007/1xxx/CVE-2007-1718.json | 370 ++++++++++++++-------------- 2007/1xxx/CVE-2007-1914.json | 180 +++++++------- 2007/5xxx/CVE-2007-5294.json | 170 ++++++------- 2007/5xxx/CVE-2007-5506.json | 230 +++++++++--------- 2007/5xxx/CVE-2007-5701.json | 170 ++++++------- 2007/5xxx/CVE-2007-5995.json | 150 ++++++------ 2015/3xxx/CVE-2015-3815.json | 180 +++++++------- 2015/3xxx/CVE-2015-3876.json | 140 +++++------ 2015/4xxx/CVE-2015-4085.json | 130 +++++----- 2015/4xxx/CVE-2015-4883.json | 460 +++++++++++++++++------------------ 2015/7xxx/CVE-2015-7225.json | 170 ++++++------- 2015/7xxx/CVE-2015-7397.json | 150 ++++++------ 2015/7xxx/CVE-2015-7480.json | 34 +-- 2015/7xxx/CVE-2015-7549.json | 180 +++++++------- 2015/8xxx/CVE-2015-8202.json | 34 +-- 2015/8xxx/CVE-2015-8227.json | 120 ++++----- 2015/8xxx/CVE-2015-8746.json | 190 +++++++-------- 2015/9xxx/CVE-2015-9053.json | 132 +++++----- 2016/0xxx/CVE-2016-0418.json | 130 +++++----- 2016/1xxx/CVE-2016-1111.json | 130 +++++----- 2016/1xxx/CVE-2016-1342.json | 120 ++++----- 2016/5xxx/CVE-2016-5513.json | 130 +++++----- 2016/5xxx/CVE-2016-5538.json | 140 +++++------ 2016/5xxx/CVE-2016-5618.json | 140 +++++------ 2016/5xxx/CVE-2016-5678.json | 140 +++++------ 2018/2xxx/CVE-2018-2243.json | 34 +-- 2018/2xxx/CVE-2018-2360.json | 158 ++++++------ 2018/2xxx/CVE-2018-2743.json | 34 +-- 2018/2xxx/CVE-2018-2856.json | 140 +++++------ 2019/0xxx/CVE-2019-0283.json | 34 +-- 2019/0xxx/CVE-2019-0319.json | 34 +-- 2019/0xxx/CVE-2019-0330.json | 34 +-- 2019/0xxx/CVE-2019-0588.json | 154 ++++++------ 2019/1xxx/CVE-2019-1093.json | 34 +-- 2019/1xxx/CVE-2019-1165.json | 34 +-- 2019/1xxx/CVE-2019-1259.json | 34 +-- 2019/1xxx/CVE-2019-1402.json | 34 +-- 2019/4xxx/CVE-2019-4020.json | 34 +-- 2019/4xxx/CVE-2019-4141.json | 34 +-- 2019/4xxx/CVE-2019-4219.json | 34 +-- 2019/4xxx/CVE-2019-4568.json | 34 +-- 2019/5xxx/CVE-2019-5291.json | 34 +-- 2019/5xxx/CVE-2019-5568.json | 34 +-- 2019/5xxx/CVE-2019-5923.json | 130 +++++----- 2019/5xxx/CVE-2019-5983.json | 34 +-- 2019/9xxx/CVE-2019-9057.json | 34 +-- 2019/9xxx/CVE-2019-9163.json | 34 +-- 62 files changed, 3782 insertions(+), 3782 deletions(-) diff --git a/1999/0xxx/CVE-1999-0995.json b/1999/0xxx/CVE-1999-0995.json index bf31830c131..f1dd1b75254 100644 --- a/1999/0xxx/CVE-1999-0995.json +++ b/1999/0xxx/CVE-1999-0995.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0995", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka \"Malformed Security Identifier Request.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0995", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS99-057", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-057" - }, - { - "name" : "Q248185", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q248185" - }, - { - "name" : "875", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/875" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka \"Malformed Security Identifier Request.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "Q248185", + "refsource": "MSKB", + "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q248185" + }, + { + "name": "MS99-057", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-057" + }, + { + "name": "875", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/875" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1200.json b/1999/1xxx/CVE-1999-1200.json index ebd5af99b5b..0b295685311 100644 --- a/1999/1xxx/CVE-1999-1200.json +++ b/1999/1xxx/CVE-1999-1200.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1200", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed \"EXPN *@\" command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1200", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19980720 DOS in Vintra systems Mailserver software.", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=90222454131610&w=2" - }, - { - "name" : "vintra-mail-dos(1617)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1617" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed \"EXPN *@\" command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19980720 DOS in Vintra systems Mailserver software.", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=90222454131610&w=2" + }, + { + "name": "vintra-mail-dos(1617)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1617" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1226.json b/1999/1xxx/CVE-1999-1226.json index c8a5dd56bd9..d6f307aa53e 100644 --- a/1999/1xxx/CVE-1999-1226.json +++ b/1999/1xxx/CVE-1999-1226.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1226", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1226", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html", - "refsource" : "MISC", - "url" : "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html" - }, - { - "name" : "netscape-huge-key-dos(3436)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Netscape Communicator 4.7 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long certificate key." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "netscape-huge-key-dos(3436)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3436" + }, + { + "name": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html", + "refsource": "MISC", + "url": "http://www.securiteam.com/exploits/Netscape_4_7_and_earlier_vulnerable_to__Huge_Key__DoS.html" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1233.json b/1999/1xxx/CVE-1999-1233.json index 5324e54b768..21df69f0777 100644 --- a/1999/1xxx/CVE-1999-1233.json +++ b/1999/1xxx/CVE-1999-1233.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1233", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the \"Domain Resolution\" vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1233", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS99-039", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039" - }, - { - "name" : "241562", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/support/kb/articles/Q241/5/62.asp" - }, - { - "name" : "657", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/657" - }, - { - "name" : "iis-unresolved-domain-access(3306)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/3306" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IIS 4.0 does not properly restrict access for the initial session request from a user's IP address if the address does not resolve to a DNS domain, aka the \"Domain Resolution\" vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "iis-unresolved-domain-access(3306)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3306" + }, + { + "name": "241562", + "refsource": "MSKB", + "url": "http://support.microsoft.com/support/kb/articles/Q241/5/62.asp" + }, + { + "name": "657", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/657" + }, + { + "name": "MS99-039", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-039" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1509.json b/1999/1xxx/CVE-1999-1509.json index 31550a59f15..a3c4b3348fc 100644 --- a/1999/1xxx/CVE-1999-1509.json +++ b/1999/1xxx/CVE-1999-1509.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1509", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1509", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19991104 Eserv 2.50 Web interface Server Directory Traversal Vulnerability", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=94177470915423&w=2" - }, - { - "name" : "19991104 Eserv 2.50 Web interface Server Directory Traversal Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=94183041514522&w=2" - }, - { - "name" : "773", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/773" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "773", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/773" + }, + { + "name": "19991104 Eserv 2.50 Web interface Server Directory Traversal Vulnerability", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=94177470915423&w=2" + }, + { + "name": "19991104 Eserv 2.50 Web interface Server Directory Traversal Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=94183041514522&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0229.json b/2000/0xxx/CVE-2000-0229.json index 0988f13975c..49333e895e9 100644 --- a/2000/0xxx/CVE-2000-0229.json +++ b/2000/0xxx/CVE-2000-0229.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0229", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0229", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000322 gpm-root", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html" - }, - { - "name" : "20000405 Security hole in gpm < 1.18.1", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/suse_security_announce_45.html" - }, - { - "name" : "RHSA-2000:009", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-009.html" - }, - { - "name" : "RHSA-2000:045", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-045.html" - }, - { - "name" : "1069", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1069" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2000:045", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-045.html" + }, + { + "name": "20000322 gpm-root", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-03/0242.html" + }, + { + "name": "1069", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1069" + }, + { + "name": "RHSA-2000:009", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-009.html" + }, + { + "name": "20000405 Security hole in gpm < 1.18.1", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/suse_security_announce_45.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0243.json b/2000/0xxx/CVE-2000-0243.json index 7d10a928ecf..82e3e4473b0 100644 --- a/2000/0xxx/CVE-2000-0243.json +++ b/2000/0xxx/CVE-2000-0243.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0243", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to cause a denial of service via a short GET request to cgi-bin." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0243", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000324 AnalogX SimpleServer 1.03 Remote Crash\" at:", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=web-5645555@post2.rnci.com" - }, - { - "name" : "http://www.analogx.com/contents/download/network/sswww.htm", - "refsource" : "MISC", - "url" : "http://www.analogx.com/contents/download/network/sswww.htm" - }, - { - "name" : "simpleserver-exception-dos(4189)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4189" - }, - { - "name" : "1076", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1076" - }, - { - "name" : "1265", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1265" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to cause a denial of service via a short GET request to cgi-bin." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.analogx.com/contents/download/network/sswww.htm", + "refsource": "MISC", + "url": "http://www.analogx.com/contents/download/network/sswww.htm" + }, + { + "name": "1265", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1265" + }, + { + "name": "simpleserver-exception-dos(4189)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4189" + }, + { + "name": "20000324 AnalogX SimpleServer 1.03 Remote Crash\" at:", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=web-5645555@post2.rnci.com" + }, + { + "name": "1076", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1076" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0571.json b/2000/0xxx/CVE-2000-0571.json index 4d6d65afd43..61633a09cdd 100644 --- a/2000/0xxx/CVE-2000-0571.json +++ b/2000/0xxx/CVE-2000-0571.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0571", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial of service via a long GET request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0571", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000703 Remote DoS Attack in LocalWEB HTTP Server 1.2.0 Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-07-8&msg=NCBBKFKDOLAGKIAPMILPCEIHCFAA.labs@ussrback.com" - }, - { - "name" : "1423", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1423" - }, - { - "name" : "localweb-get-bo(4896)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4896" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial of service via a long GET request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "localweb-get-bo(4896)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4896" + }, + { + "name": "1423", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1423" + }, + { + "name": "20000703 Remote DoS Attack in LocalWEB HTTP Server 1.2.0 Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&date=2000-07-8&msg=NCBBKFKDOLAGKIAPMILPCEIHCFAA.labs@ussrback.com" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0720.json b/2000/0xxx/CVE-2000-0720.json index 439d64f4185..c3fac1f531d 100644 --- a/2000/0xxx/CVE-2000-0720.json +++ b/2000/0xxx/CVE-2000-0720.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0720", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0720", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000829 News Publisher CGI Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/templates/archive.pike?list=1&msg=003301c0123b$18f8c1a0$953b29d4@e8s9s4" - }, - { - "name" : "1621", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1621" - }, - { - "name" : "news-publisher-add-author(5169)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5169" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "news-publisher-add-author(5169)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5169" + }, + { + "name": "1621", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1621" + }, + { + "name": "20000829 News Publisher CGI Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/templates/archive.pike?list=1&msg=003301c0123b$18f8c1a0$953b29d4@e8s9s4" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0909.json b/2000/0xxx/CVE-2000-0909.json index 219e120f324..92f5933cf06 100644 --- a/2000/0xxx/CVE-2000-0909.json +++ b/2000/0xxx/CVE-2000-0909.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0909", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0909", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000922 [ no subject ]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/84901" - }, - { - "name" : "20001031 FW: Pine 4.30 now available", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html" - }, - { - "name" : "FreeBSD-SA-00:59", - "refsource" : "FREEBSD", - "url" : "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc" - }, - { - "name" : "RHSA-2000:102", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2000-102.html" - }, - { - "name" : "MDKSA-2000:073", - "refsource" : "MANDRAKE", - "url" : "http://www.linux-mandrake.com/en/security/MDKSA-2000-073.php3" - }, - { - "name" : "1709", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1709" - }, - { - "name" : "pine-check-mail-bo(5283)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5283" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FreeBSD-SA-00:59", + "refsource": "FREEBSD", + "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:59.pine.asc" + }, + { + "name": "RHSA-2000:102", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2000-102.html" + }, + { + "name": "20001031 FW: Pine 4.30 now available", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0441.html" + }, + { + "name": "1709", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1709" + }, + { + "name": "20000922 [ no subject ]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/84901" + }, + { + "name": "MDKSA-2000:073", + "refsource": "MANDRAKE", + "url": "http://www.linux-mandrake.com/en/security/MDKSA-2000-073.php3" + }, + { + "name": "pine-check-mail-bo(5283)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5283" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0922.json b/2000/0xxx/CVE-2000-0922.json index 05e4f66ddc2..73c383c7053 100644 --- a/2000/0xxx/CVE-2000-0922.json +++ b/2000/0xxx/CVE-2000-0922.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0922", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0922", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001008 Security Advisory: Bytes Interactive's Web Shopper (shopper.cgi) Directory Traversal Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0120.html" - }, - { - "name" : "1776", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1776" - }, - { - "name" : "web-shopper-directory-traversal(5351)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5351" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1776", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1776" + }, + { + "name": "web-shopper-directory-traversal(5351)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5351" + }, + { + "name": "20001008 Security Advisory: Bytes Interactive's Web Shopper (shopper.cgi) Directory Traversal Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0120.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0954.json b/2000/0xxx/CVE-2000-0954.json index b2fba35f274..6b287719eeb 100644 --- a/2000/0xxx/CVE-2000-0954.json +++ b/2000/0xxx/CVE-2000-0954.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0954", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0954", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001009 Shambala 4.5 vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0134.html" - }, - { - "name" : "1771", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1771" - }, - { - "name" : "shambala-password-plaintext(5346)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5346" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passwords and compromise the server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "shambala-password-plaintext(5346)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5346" + }, + { + "name": "20001009 Shambala 4.5 vulnerability", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0134.html" + }, + { + "name": "1771", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1771" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1146.json b/2000/1xxx/CVE-2000-1146.json index a6f44969a22..efa5a6c9712 100644 --- a/2000/1xxx/CVE-2000-1146.json +++ b/2000/1xxx/CVE-2000-1146.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1146", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigate into and out of the /proc/self directory and executing various commands such as ls or pwd." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1146", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001102 Mantrap By Recourse Technologies - Fate Advisory (11-01-00)", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html" - }, - { - "name" : "20001107 Vendor Response Re: Mantrap Advisory Vendor Followup - Fate Research Labs", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0100.html" - }, - { - "name" : "1913", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1913" - }, - { - "name" : "20001105 Mantrap Advisory Vendor Followup - Fate Research Labs", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=97349791405580&w=2" - }, - { - "name" : "mantrap-dir-dos(5528)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5528" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigate into and out of the /proc/self directory and executing various commands such as ls or pwd." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20001105 Mantrap Advisory Vendor Followup - Fate Research Labs", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=97349791405580&w=2" + }, + { + "name": "mantrap-dir-dos(5528)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5528" + }, + { + "name": "1913", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1913" + }, + { + "name": "20001102 Mantrap By Recourse Technologies - Fate Advisory (11-01-00)", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0041.html" + }, + { + "name": "20001107 Vendor Response Re: Mantrap Advisory Vendor Followup - Fate Research Labs", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0100.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1527.json b/2007/1xxx/CVE-2007-1527.json index 6597ab16c8e..5b978a4c5e4 100644 --- a/2007/1xxx/CVE-2007-1527.json +++ b/2007/1xxx/CVE-2007-1527.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1527", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the MW characteristic and a spoofed TLV type 0x07 field, aka the \"Spoof and Management URL IP Redirect\" attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1527", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070313 New report on Windows Vista network attack surface", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462793/100/0/threaded" - }, - { - "name" : "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464617/100/0/threaded" - }, - { - "name" : "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf", - "refsource" : "MISC", - "url" : "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf" - }, - { - "name" : "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html", - "refsource" : "MISC", - "url" : "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html" - }, - { - "name" : "23279", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23279" - }, - { - "name" : "33663", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33663" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The LLTD Mapper in Microsoft Windows Vista does not verify that an IP address in a TLV type 0x07 field in a HELLO packet corresponds to a valid IP address for the local network, which allows remote attackers to trick users into communicating with an external host by sending a HELLO packet with the MW characteristic and a spoofed TLV type 0x07 field, aka the \"Spoof and Management URL IP Redirect\" attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf", + "refsource": "MISC", + "url": "http://www.symantec.com/avcenter/reference/Vista_Network_Attack_Surface_RTM.pdf" + }, + { + "name": "20070313 New report on Windows Vista network attack surface", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462793/100/0/threaded" + }, + { + "name": "20070403 Nine Vista CVEs, including Microsoft inaccurate Teredo use case documentation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464617/100/0/threaded" + }, + { + "name": "33663", + "refsource": "OSVDB", + "url": "http://osvdb.org/33663" + }, + { + "name": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html", + "refsource": "MISC", + "url": "http://www.symantec.com/enterprise/security_response/weblog/2007/04/microsofts_inaccurate_teredo_d.html" + }, + { + "name": "23279", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23279" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1616.json b/2007/1xxx/CVE-2007-1616.json index 93d7c337d28..80419bd7ec7 100644 --- a/2007/1xxx/CVE-2007-1616.json +++ b/2007/1xxx/CVE-2007-1616.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1616", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in ScriptMagix Lyrics 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the recid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1616", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3515", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3515" - }, - { - "name" : "23019", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23019" - }, - { - "name" : "ADV-2007-1016", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1016" - }, - { - "name" : "34283", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34283" - }, - { - "name" : "24563", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24563" - }, - { - "name" : "scriptmagixlyrics-index-sql-injection(33056)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33056" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in ScriptMagix Lyrics 2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the recid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23019", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23019" + }, + { + "name": "24563", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24563" + }, + { + "name": "34283", + "refsource": "OSVDB", + "url": "http://osvdb.org/34283" + }, + { + "name": "3515", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3515" + }, + { + "name": "ADV-2007-1016", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1016" + }, + { + "name": "scriptmagixlyrics-index-sql-injection(33056)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33056" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1718.json b/2007/1xxx/CVE-2007-1718.json index 826fe235d73..4ef970fe1e3 100644 --- a/2007/1xxx/CVE-2007-1718.json +++ b/2007/1xxx/CVE-2007-1718.json @@ -1,187 +1,187 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1718", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a \"\\r\\n\\t\\n\" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1718", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.php-security.org/MOPB/MOPB-34-2007.html", - "refsource" : "MISC", - "url" : "http://www.php-security.org/MOPB/MOPB-34-2007.html" - }, - { - "name" : "http://us2.php.net/releases/5_2_2.php", - "refsource" : "CONFIRM", - "url" : "http://us2.php.net/releases/5_2_2.php" - }, - { - "name" : "DSA-1282", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1282" - }, - { - "name" : "DSA-1283", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1283" - }, - { - "name" : "GLSA-200705-19", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200705-19.xml" - }, - { - "name" : "MDKSA-2007:087", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087" - }, - { - "name" : "MDKSA-2007:088", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088" - }, - { - "name" : "MDKSA-2007:089", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089" - }, - { - "name" : "MDKSA-2007:090", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090" - }, - { - "name" : "RHSA-2007:0155", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0155.html" - }, - { - "name" : "RHSA-2007:0153", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0153.html" - }, - { - "name" : "RHSA-2007:0162", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0162.html" - }, - { - "name" : "SUSE-SA:2007:032", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_32_php.html" - }, - { - "name" : "USN-455-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-455-1" - }, - { - "name" : "23145", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23145" - }, - { - "name" : "oval:org.mitre.oval:def:10951", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10951" - }, - { - "name" : "1017946", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017946" - }, - { - "name" : "24924", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24924" - }, - { - "name" : "24965", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24965" - }, - { - "name" : "25025", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25025" - }, - { - "name" : "25062", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25062" - }, - { - "name" : "25057", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25057" - }, - { - "name" : "24909", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24909" - }, - { - "name" : "25056", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25056" - }, - { - "name" : "25445", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25445" - }, - { - "name" : "php-mailfunction-header-injection(33516)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33516" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the (1) Subject or (2) To parameter, as demonstrated by a parameter containing a \"\\r\\n\\t\\n\" sequence, related to an increment bug in the SKIP_LONG_HEADER_SEP macro." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23145", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23145" + }, + { + "name": "25056", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25056" + }, + { + "name": "DSA-1283", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1283" + }, + { + "name": "oval:org.mitre.oval:def:10951", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10951" + }, + { + "name": "GLSA-200705-19", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200705-19.xml" + }, + { + "name": "1017946", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017946" + }, + { + "name": "RHSA-2007:0162", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html" + }, + { + "name": "25062", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25062" + }, + { + "name": "php-mailfunction-header-injection(33516)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33516" + }, + { + "name": "MDKSA-2007:090", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:090" + }, + { + "name": "USN-455-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-455-1" + }, + { + "name": "24909", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24909" + }, + { + "name": "MDKSA-2007:087", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:087" + }, + { + "name": "DSA-1282", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1282" + }, + { + "name": "http://www.php-security.org/MOPB/MOPB-34-2007.html", + "refsource": "MISC", + "url": "http://www.php-security.org/MOPB/MOPB-34-2007.html" + }, + { + "name": "http://us2.php.net/releases/5_2_2.php", + "refsource": "CONFIRM", + "url": "http://us2.php.net/releases/5_2_2.php" + }, + { + "name": "24924", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24924" + }, + { + "name": "RHSA-2007:0155", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html" + }, + { + "name": "24965", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24965" + }, + { + "name": "MDKSA-2007:089", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:089" + }, + { + "name": "25445", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25445" + }, + { + "name": "25057", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25057" + }, + { + "name": "SUSE-SA:2007:032", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_32_php.html" + }, + { + "name": "25025", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25025" + }, + { + "name": "MDKSA-2007:088", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:088" + }, + { + "name": "RHSA-2007:0153", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1914.json b/2007/1xxx/CVE-2007-1914.json index bd5bbd6c02c..6fb29a4b214 100644 --- a/2007/1xxx/CVE-2007-1914.json +++ b/2007/1xxx/CVE-2007-1914.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1914", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to obtain sensitive information (external RFC server configuration data) via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1914", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070404 CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464678/100/0/threaded" - }, - { - "name" : "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_PROGRAM_RFC_Function_Multiple_Vulnerabilities.pdf", - "refsource" : "MISC", - "url" : "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_PROGRAM_RFC_Function_Multiple_Vulnerabilities.pdf" - }, - { - "name" : "23313", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23313" - }, - { - "name" : "ADV-2007-1270", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1270" - }, - { - "name" : "24722", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24722" - }, - { - "name" : "2538", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2538" - }, - { - "name" : "sap-rfc-startprogram-information-disclosure(33422)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33422" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to obtain sensitive information (external RFC server configuration data) via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2538", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2538" + }, + { + "name": "23313", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23313" + }, + { + "name": "20070404 CYBSEC Security Pre-Advisory: SAP RFC_START_PROGRAM RFC Function Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464678/100/0/threaded" + }, + { + "name": "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_PROGRAM_RFC_Function_Multiple_Vulnerabilities.pdf", + "refsource": "MISC", + "url": "http://www.cybsec.com/vuln/CYBSEC-Security_Advisory_SAP_RFC_START_PROGRAM_RFC_Function_Multiple_Vulnerabilities.pdf" + }, + { + "name": "24722", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24722" + }, + { + "name": "ADV-2007-1270", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1270" + }, + { + "name": "sap-rfc-startprogram-information-disclosure(33422)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33422" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5294.json b/2007/5xxx/CVE-2007-5294.json index 164eb2bed9e..a4f4238075b 100644 --- a/2007/5xxx/CVE-2007-5294.json +++ b/2007/5xxx/CVE-2007-5294.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5294", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in core/aural.php in IDMOS 1.0-beta (aka Phoenix) allows remote attackers to execute arbitrary PHP code via a URL in the site_absolute_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5294", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071006 idmos-phoenix cms Remote File inclusion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/481682/100/0/threaded" - }, - { - "name" : "4495", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4495" - }, - { - "name" : "ADV-2007-3433", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3433" - }, - { - "name" : "38633", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38633" - }, - { - "name" : "3205", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3205" - }, - { - "name" : "idmos-aural-file-include(36994)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36994" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in core/aural.php in IDMOS 1.0-beta (aka Phoenix) allows remote attackers to execute arbitrary PHP code via a URL in the site_absolute_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4495", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4495" + }, + { + "name": "20071006 idmos-phoenix cms Remote File inclusion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/481682/100/0/threaded" + }, + { + "name": "3205", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3205" + }, + { + "name": "38633", + "refsource": "OSVDB", + "url": "http://osvdb.org/38633" + }, + { + "name": "ADV-2007-3433", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3433" + }, + { + "name": "idmos-aural-file-include(36994)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36994" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5506.json b/2007/5xxx/CVE-2007-5506.json index b94f2b707ab..bd3cdcb0421 100644 --- a/2007/5xxx/CVE-2007-5506.json +++ b/2007/5xxx/CVE-2007-5506.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5506", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5506", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071017 Oracle RDBMS TNS Data packet DoS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482424/100/0/threaded" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" - }, - { - "name" : "HPSBMA02133", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" - }, - { - "name" : "SSRT061201", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" - }, - { - "name" : "TA07-290A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" - }, - { - "name" : "26108", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26108" - }, - { - "name" : "ADV-2007-3524", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3524" - }, - { - "name" : "ADV-2007-3626", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3626" - }, - { - "name" : "1018823", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018823" - }, - { - "name" : "27251", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27251" - }, - { - "name" : "27409", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27409" - }, - { - "name" : "3244", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3244" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" + }, + { + "name": "26108", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26108" + }, + { + "name": "ADV-2007-3524", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3524" + }, + { + "name": "20071017 Oracle RDBMS TNS Data packet DoS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482424/100/0/threaded" + }, + { + "name": "ADV-2007-3626", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3626" + }, + { + "name": "TA07-290A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" + }, + { + "name": "3244", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3244" + }, + { + "name": "SSRT061201", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2" + }, + { + "name": "HPSBMA02133", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2" + }, + { + "name": "1018823", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018823" + }, + { + "name": "27409", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27409" + }, + { + "name": "27251", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27251" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5701.json b/2007/5xxx/CVE-2007-5701.json index ad46585ea00..6291b890ec0 100644 --- a/2007/5xxx/CVE-2007-5701.json +++ b/2007/5xxx/CVE-2007-5701.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5701", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7.0.3 allows local users, or attackers with physical access, to obtain sensitive information (passwords) when an administrator enters a \"ca activate\" or \"ca unlock\" command with any uppercase character, which bypasses a blacklist designed to suppress password logging, resulting in cleartext password disclosure in the console log and Admin panel." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5701", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-1.ibm.com/support/docview.wss?uid=swg21261095", - "refsource" : "CONFIRM", - "url" : "http://www-1.ibm.com/support/docview.wss?uid=swg21261095" - }, - { - "name" : "26176", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26176" - }, - { - "name" : "ADV-2007-3598", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3598" - }, - { - "name" : "40952", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40952" - }, - { - "name" : "27321", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27321" - }, - { - "name" : "domino-ca-password-disclosure(37372)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37372" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Incomplete blacklist vulnerability in the Certificate Authority (CA) in IBM Lotus Domino before 7.0.3 allows local users, or attackers with physical access, to obtain sensitive information (passwords) when an administrator enters a \"ca activate\" or \"ca unlock\" command with any uppercase character, which bypasses a blacklist designed to suppress password logging, resulting in cleartext password disclosure in the console log and Admin panel." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21261095", + "refsource": "CONFIRM", + "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21261095" + }, + { + "name": "domino-ca-password-disclosure(37372)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37372" + }, + { + "name": "ADV-2007-3598", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3598" + }, + { + "name": "40952", + "refsource": "OSVDB", + "url": "http://osvdb.org/40952" + }, + { + "name": "26176", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26176" + }, + { + "name": "27321", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27321" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5995.json b/2007/5xxx/CVE-2007-5995.json index b1bb672221b..039623d76e6 100644 --- a/2007/5xxx/CVE-2007-5995.json +++ b/2007/5xxx/CVE-2007-5995.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5995", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in examples/patExampleGen/bbcodeSource.php in patBBcode 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the example parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5995", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4621", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4621" - }, - { - "name" : "26416", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26416" - }, - { - "name" : "ADV-2007-3904", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3904" - }, - { - "name" : "patbbcode-bbcodesource-file-include(38425)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38425" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in examples/patExampleGen/bbcodeSource.php in patBBcode 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the example parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4621", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4621" + }, + { + "name": "26416", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26416" + }, + { + "name": "patbbcode-bbcodesource-file-include(38425)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38425" + }, + { + "name": "ADV-2007-3904", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3904" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3815.json b/2015/3xxx/CVE-2015-3815.json index 03df2fdb921..151facf8ff5 100644 --- a/2015/3xxx/CVE-2015-3815.json +++ b/2015/3xxx/CVE-2015-3815.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3815", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The detect_version function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a packet with a crafted payload, as demonstrated by a length of zero, a different vulnerability than CVE-2015-3906." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3815", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blog.fuzzing-project.org/11-Read-heap-overflow-invalid-memory-access-in-Wireshark-TFPA-0072015.html", - "refsource" : "MISC", - "url" : "https://blog.fuzzing-project.org/11-Read-heap-overflow-invalid-memory-access-in-Wireshark-TFPA-0072015.html" - }, - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-18.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-18.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11188", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11188" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b3b1f7c3aa2233a147294bad833b748d38fba84d", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b3b1f7c3aa2233a147294bad833b748d38fba84d" - }, - { - "name" : "DSA-3277", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3277" - }, - { - "name" : "GLSA-201510-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201510-03" - }, - { - "name" : "74630", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74630" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The detect_version function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a packet with a crafted payload, as demonstrated by a length of zero, a different vulnerability than CVE-2015-3906." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11188", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11188" + }, + { + "name": "DSA-3277", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3277" + }, + { + "name": "74630", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74630" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-18.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-18.html" + }, + { + "name": "https://blog.fuzzing-project.org/11-Read-heap-overflow-invalid-memory-access-in-Wireshark-TFPA-0072015.html", + "refsource": "MISC", + "url": "https://blog.fuzzing-project.org/11-Read-heap-overflow-invalid-memory-access-in-Wireshark-TFPA-0072015.html" + }, + { + "name": "GLSA-201510-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201510-03" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b3b1f7c3aa2233a147294bad833b748d38fba84d", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b3b1f7c3aa2233a147294bad833b748d38fba84d" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3876.json b/2015/3xxx/CVE-2015-3876.json index 59297c32a17..a99474a6293 100644 --- a/2015/3xxx/CVE-2015-3876.json +++ b/2015/3xxx/CVE-2015-3876.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3876", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-3876", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://twitter.com/4Dgifts/statuses/649589185792339968", - "refsource" : "MISC", - "url" : "http://twitter.com/4Dgifts/statuses/649589185792339968" - }, - { - "name" : "https://code.google.com/p/android/issues/detail?id=182386", - "refsource" : "MISC", - "url" : "https://code.google.com/p/android/issues/detail?id=182386" - }, - { - "name" : "1033725", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033725" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033725", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033725" + }, + { + "name": "https://code.google.com/p/android/issues/detail?id=182386", + "refsource": "MISC", + "url": "https://code.google.com/p/android/issues/detail?id=182386" + }, + { + "name": "http://twitter.com/4Dgifts/statuses/649589185792339968", + "refsource": "MISC", + "url": "http://twitter.com/4Dgifts/statuses/649589185792339968" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4085.json b/2015/4xxx/CVE-2015-4085.json index 9c0ca7cfa2b..d7f6e8c5d5d 100644 --- a/2015/4xxx/CVE-2015-4085.json +++ b/2015/4xxx/CVE-2015-4085.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4085", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4085", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150526 Re: CVE Request for read-only directory traversal in Etherpad frontend tests", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/05/26/3" - }, - { - "name" : "https://github.com/ether/etherpad-lite/commit/5409eb314c4e072b9760b8d30b985fa0bb96a006", - "refsource" : "CONFIRM", - "url" : "https://github.com/ether/etherpad-lite/commit/5409eb314c4e072b9760b8d30b985fa0bb96a006" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150526 Re: CVE Request for read-only directory traversal in Etherpad frontend tests", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/05/26/3" + }, + { + "name": "https://github.com/ether/etherpad-lite/commit/5409eb314c4e072b9760b8d30b985fa0bb96a006", + "refsource": "CONFIRM", + "url": "https://github.com/ether/etherpad-lite/commit/5409eb314c4e072b9760b8d30b985fa0bb96a006" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4883.json b/2015/4xxx/CVE-2015-4883.json index f2596219cd3..f98c34ac6d8 100644 --- a/2015/4xxx/CVE-2015-4883.json +++ b/2015/4xxx/CVE-2015-4883.json @@ -1,232 +1,232 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4883", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4883", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3381", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3381" - }, - { - "name" : "GLSA-201603-11", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-11" - }, - { - "name" : "GLSA-201603-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-14" - }, - { - "name" : "RHSA-2016:1430", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1430" - }, - { - "name" : "RHSA-2015:2506", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2506.html" - }, - { - "name" : "RHSA-2015:2507", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2507.html" - }, - { - "name" : "RHSA-2015:2508", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2508.html" - }, - { - "name" : "RHSA-2015:2509", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2509.html" - }, - { - "name" : "RHSA-2015:2518", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2518.html" - }, - { - "name" : "RHSA-2015:1919", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1919.html" - }, - { - "name" : "RHSA-2015:1920", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1920.html" - }, - { - "name" : "RHSA-2015:1921", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1921.html" - }, - { - "name" : "RHSA-2015:1926", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1926.html" - }, - { - "name" : "RHSA-2015:1927", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1927.html" - }, - { - "name" : "RHSA-2015:1928", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1928.html" - }, - { - "name" : "SUSE-SU-2016:0113", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" - }, - { - "name" : "openSUSE-SU-2016:0270", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" - }, - { - "name" : "SUSE-SU-2015:2166", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" - }, - { - "name" : "SUSE-SU-2015:2168", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" - }, - { - "name" : "SUSE-SU-2015:2182", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" - }, - { - "name" : "SUSE-SU-2015:2192", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" - }, - { - "name" : "SUSE-SU-2015:2216", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" - }, - { - "name" : "SUSE-SU-2015:2268", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html" - }, - { - "name" : "SUSE-SU-2015:1874", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html" - }, - { - "name" : "SUSE-SU-2015:1875", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html" - }, - { - "name" : "openSUSE-SU-2015:1902", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html" - }, - { - "name" : "openSUSE-SU-2015:1905", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html" - }, - { - "name" : "openSUSE-SU-2015:1906", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html" - }, - { - "name" : "openSUSE-SU-2015:1971", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html" - }, - { - "name" : "USN-2827-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2827-1" - }, - { - "name" : "USN-2784-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2784-1" - }, - { - "name" : "77161", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77161" - }, - { - "name" : "1033884", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033884" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4860." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2015:2182", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html" + }, + { + "name": "77161", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77161" + }, + { + "name": "USN-2784-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2784-1" + }, + { + "name": "openSUSE-SU-2015:1905", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html" + }, + { + "name": "SUSE-SU-2015:2192", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html" + }, + { + "name": "openSUSE-SU-2015:1906", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html" + }, + { + "name": "RHSA-2015:2507", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html" + }, + { + "name": "RHSA-2015:1928", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "RHSA-2016:1430", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1430" + }, + { + "name": "RHSA-2015:2506", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html" + }, + { + "name": "RHSA-2015:2509", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html" + }, + { + "name": "1033884", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033884" + }, + { + "name": "SUSE-SU-2015:2166", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "openSUSE-SU-2016:0270", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" + }, + { + "name": "RHSA-2015:1919", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html" + }, + { + "name": "GLSA-201603-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-11" + }, + { + "name": "openSUSE-SU-2015:1902", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html" + }, + { + "name": "RHSA-2015:1920", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html" + }, + { + "name": "RHSA-2015:2518", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2518.html" + }, + { + "name": "GLSA-201603-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-14" + }, + { + "name": "SUSE-SU-2015:2216", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html" + }, + { + "name": "RHSA-2015:1927", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html" + }, + { + "name": "openSUSE-SU-2015:1971", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html" + }, + { + "name": "SUSE-SU-2015:2268", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html" + }, + { + "name": "SUSE-SU-2015:2168", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html" + }, + { + "name": "RHSA-2015:1921", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html" + }, + { + "name": "SUSE-SU-2015:1874", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html" + }, + { + "name": "DSA-3381", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3381" + }, + { + "name": "RHSA-2015:1926", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html" + }, + { + "name": "SUSE-SU-2015:1875", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html" + }, + { + "name": "RHSA-2015:2508", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html" + }, + { + "name": "SUSE-SU-2016:0113", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html" + }, + { + "name": "USN-2827-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2827-1" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7225.json b/2015/7xxx/CVE-2015-7225.json index 04865361f67..6a329d6f81a 100644 --- a/2015/7xxx/CVE-2015-7225.json +++ b/2015/7xxx/CVE-2015-7225.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7225", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Tinfoil Devise-two-factor before 2.0.0 does not strictly follow section 5.2 of RFC 6238 and does not \"burn\" a successfully validated one-time password (aka OTP), which allows remote or physically proximate attackers with a target user's login credentials to log in as said user by obtaining the OTP through performing a man-in-the-middle attack between the provider and verifier, or shoulder surfing, and replaying the OTP in the current time-step." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7225", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150917 Re: CVE Request: TOTP Replay Attack in Ruby library", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/09/17/2" - }, - { - "name" : "[oss-sercurity] 20150620 CVE Request: MITM & Shoulder-surfing vuln in Ruby OTP/HOTP/TOTP library \"ROPT\"", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/06/20/4" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798466", - "refsource" : "MISC", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798466" - }, - { - "name" : "https://github.com/tinfoil/devise-two-factor/blob/master/UPGRADING.md", - "refsource" : "CONFIRM", - "url" : "https://github.com/tinfoil/devise-two-factor/blob/master/UPGRADING.md" - }, - { - "name" : "https://github.com/tinfoil/devise-two-factor/issues/45#issuecomment-139335608", - "refsource" : "CONFIRM", - "url" : "https://github.com/tinfoil/devise-two-factor/issues/45#issuecomment-139335608" - }, - { - "name" : "76789", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76789" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Tinfoil Devise-two-factor before 2.0.0 does not strictly follow section 5.2 of RFC 6238 and does not \"burn\" a successfully validated one-time password (aka OTP), which allows remote or physically proximate attackers with a target user's login credentials to log in as said user by obtaining the OTP through performing a man-in-the-middle attack between the provider and verifier, or shoulder surfing, and replaying the OTP in the current time-step." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/tinfoil/devise-two-factor/blob/master/UPGRADING.md", + "refsource": "CONFIRM", + "url": "https://github.com/tinfoil/devise-two-factor/blob/master/UPGRADING.md" + }, + { + "name": "[oss-security] 20150917 Re: CVE Request: TOTP Replay Attack in Ruby library", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/09/17/2" + }, + { + "name": "[oss-sercurity] 20150620 CVE Request: MITM & Shoulder-surfing vuln in Ruby OTP/HOTP/TOTP library \"ROPT\"", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/06/20/4" + }, + { + "name": "76789", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76789" + }, + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798466", + "refsource": "MISC", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798466" + }, + { + "name": "https://github.com/tinfoil/devise-two-factor/issues/45#issuecomment-139335608", + "refsource": "CONFIRM", + "url": "https://github.com/tinfoil/devise-two-factor/issues/45#issuecomment-139335608" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7397.json b/2015/7xxx/CVE-2015-7397.json index 221704bcca8..ae59de603db 100644 --- a/2015/7xxx/CVE-2015-7397.json +++ b/2015/7xxx/CVE-2015-7397.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple open redirect vulnerabilities in the Aurora starter store in IBM WebSphere Commerce 7.0 through Feature Pack 8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referrer parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21969562", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21969562" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg24041142", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg24041142" - }, - { - "name" : "JR54295", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54295" - }, - { - "name" : "1034640", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034640" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple open redirect vulnerabilities in the Aurora starter store in IBM WebSphere Commerce 7.0 through Feature Pack 8 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the referrer parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24041142", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24041142" + }, + { + "name": "1034640", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034640" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21969562", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969562" + }, + { + "name": "JR54295", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR54295" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7480.json b/2015/7xxx/CVE-2015-7480.json index e54df6fee68..28fc6caf8b4 100644 --- a/2015/7xxx/CVE-2015-7480.json +++ b/2015/7xxx/CVE-2015-7480.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7480", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7480", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7549.json b/2015/7xxx/CVE-2015-7549.json index ea3613d8f7e..9b4b2f07b4b 100644 --- a/2015/7xxx/CVE-2015-7549.json +++ b/2015/7xxx/CVE-2015-7549.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7549", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7549", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151214 CVE-2015-7549 Qemu: pci: msi-x: null pointer dereference issue", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/12/14/2" - }, - { - "name" : "http://git.qemu.org/?p=qemu.git;a=commit;h=43b11a91dd861a946b231b89b754285", - "refsource" : "CONFIRM", - "url" : "http://git.qemu.org/?p=qemu.git;a=commit;h=43b11a91dd861a946b231b89b754285" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1291137", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1291137" - }, - { - "name" : "DSA-3471", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3471" - }, - { - "name" : "FEDORA-2016-e9bba2bb01", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175380.html" - }, - { - "name" : "GLSA-201602-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201602-01" - }, - { - "name" : "80761", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/80761" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The MSI-X MMIO support in hw/pci/msix.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (NULL pointer dereference and QEMU process crash) by leveraging failure to define the .write method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20151214 CVE-2015-7549 Qemu: pci: msi-x: null pointer dereference issue", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/12/14/2" + }, + { + "name": "80761", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/80761" + }, + { + "name": "DSA-3471", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3471" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1291137", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291137" + }, + { + "name": "http://git.qemu.org/?p=qemu.git;a=commit;h=43b11a91dd861a946b231b89b754285", + "refsource": "CONFIRM", + "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=43b11a91dd861a946b231b89b754285" + }, + { + "name": "GLSA-201602-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201602-01" + }, + { + "name": "FEDORA-2016-e9bba2bb01", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175380.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8202.json b/2015/8xxx/CVE-2015-8202.json index 460252df832..a6065ff834f 100644 --- a/2015/8xxx/CVE-2015-8202.json +++ b/2015/8xxx/CVE-2015-8202.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8202", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8202", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8227.json b/2015/8xxx/CVE-2015-8227.json index 0b8757d2be9..a8ec6b3e019 100644 --- a/2015/8xxx/CVE-2015-8227.json +++ b/2015/8xxx/CVE-2015-8227.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8227", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The built-in web server in Huawei VP9660 multi-point control unit with software before V200R001C30SPC700 allows remote administrators to obtain sensitive information or cause a denial of service via a crafted message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8227", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461216.htm", - "refsource" : "CONFIRM", - "url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461216.htm" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The built-in web server in Huawei VP9660 multi-point control unit with software before V200R001C30SPC700 allows remote administrators to obtain sensitive information or cause a denial of service via a crafted message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461216.htm", + "refsource": "CONFIRM", + "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-461216.htm" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8746.json b/2015/8xxx/CVE-2015-8746.json index 9fa98ee312b..40dcb46dec0 100644 --- a/2015/8xxx/CVE-2015-8746.json +++ b/2015/8xxx/CVE-2015-8746.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8746", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2015-8746", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160105 CVE request -- linux kernel: nfs: kernel panic occurs at nfs client when nfsv4.2 migration is executed", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/05/9" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=18e3b739fdc826481c6a1335ce0c5b19b3d415da", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=18e3b739fdc826481c6a1335ce0c5b19b3d415da" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.2", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.2" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1295802", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1295802" - }, - { - "name" : "https://github.com/torvalds/linux/commit/18e3b739fdc826481c6a1335ce0c5b19b3d415da", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/18e3b739fdc826481c6a1335ce0c5b19b3d415da" - }, - { - "name" : "RHSA-2016:2574", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2574.html" - }, - { - "name" : "RHSA-2016:2584", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2584.html" - }, - { - "name" : "1034594", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034594" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1295802", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1295802" + }, + { + "name": "https://github.com/torvalds/linux/commit/18e3b739fdc826481c6a1335ce0c5b19b3d415da", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/18e3b739fdc826481c6a1335ce0c5b19b3d415da" + }, + { + "name": "RHSA-2016:2584", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html" + }, + { + "name": "RHSA-2016:2574", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html" + }, + { + "name": "1034594", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034594" + }, + { + "name": "[oss-security] 20160105 CVE request -- linux kernel: nfs: kernel panic occurs at nfs client when nfsv4.2 migration is executed", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/05/9" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.2", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.2.2" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=18e3b739fdc826481c6a1335ce0c5b19b3d415da", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=18e3b739fdc826481c6a1335ce0c5b19b3d415da" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9053.json b/2015/9xxx/CVE-2015-9053.json index 74f48bd3a81..78aee12694c 100644 --- a/2015/9xxx/CVE-2015-9053.json +++ b/2015/9xxx/CVE-2015-9053.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2017-07-01T00:00:00", - "ID" : "CVE-2015-9053", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the processing of certain responses from the USIM." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Copy without Checking Size of Input in UIM" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2017-07-01T00:00:00", + "ID": "CVE-2015-9053", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - }, - { - "name" : "99467", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99467" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the processing of certain responses from the USIM." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Copy without Checking Size of Input in UIM" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + }, + { + "name": "99467", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99467" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0418.json b/2016/0xxx/CVE-2016-0418.json index b6cbf0ccc95..3fde9d1fa17 100644 --- a/2016/0xxx/CVE-2016-0418.json +++ b/2016/0xxx/CVE-2016-0418.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0418", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0414." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0418", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034735", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034735" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnerability than CVE-2016-0414." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034735", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034735" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1111.json b/2016/1xxx/CVE-2016-1111.json index 1cd1c8fd722..1d09cdfee45 100644 --- a/2016/1xxx/CVE-2016-1111.json +++ b/2016/1xxx/CVE-2016-1111.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1111", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted Graphics State dictionary." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1111", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-273/", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-273/" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted Graphics State dictionary." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-273/", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-273/" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1342.json b/2016/1xxx/CVE-2016-1342.json index de2962a14d4..104ae847c9f 100644 --- a/2016/1xxx/CVE-2016-1342.json +++ b/2016/1xxx/CVE-2016-1342.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1342", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote attackers to obtain potentially sensitive software-version information by reading help files, aka Bug ID CSCuy36654." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1342", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160224 Cisco FirePOWER Management Center Unauthenticated Information Disclosure Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160224-fmc" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote attackers to obtain potentially sensitive software-version information by reading help files, aka Bug ID CSCuy36654." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160224 Cisco FirePOWER Management Center Unauthenticated Information Disclosure Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160224-fmc" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5513.json b/2016/5xxx/CVE-2016-5513.json index 8d8c881a16f..f7c89e2c7b3 100644 --- a/2016/5xxx/CVE-2016-5513.json +++ b/2016/5xxx/CVE-2016-5513.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5513", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to File Manager." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5513", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93673", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93673" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote authenticated users to affect confidentiality via vectors related to File Manager." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "93673", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93673" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5538.json b/2016/5xxx/CVE-2016-5538.json index 180b2464e17..a718e462be6 100644 --- a/2016/5xxx/CVE-2016-5538.json +++ b/2016/5xxx/CVE-2016-5538.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5538", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5501." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5538", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93697", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93697" - }, - { - "name" : "1037053", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037053" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5501." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "93697", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93697" + }, + { + "name": "1037053", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037053" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5618.json b/2016/5xxx/CVE-2016-5618.json index 5b7e023d47e..adfa6e9c2fb 100644 --- a/2016/5xxx/CVE-2016-5618.json +++ b/2016/5xxx/CVE-2016-5618.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5618", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.2.0.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5618", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93682", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93682" - }, - { - "name" : "1037051", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037051" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.2.0.0, 12.1.3.0.0, 12.2.1.0.0, and 12.2.1.1.0 allows remote authenticated users to affect confidentiality via vectors related to Code Generation Engine." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "93682", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93682" + }, + { + "name": "1037051", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037051" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5678.json b/2016/5xxx/CVE-2016-5678.json index 57d7fccb608..f624d1ae2f4 100644 --- a/2016/5xxx/CVE-2016-5678.json +++ b/2016/5xxx/CVE-2016-5678.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-5678", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-5678", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40200", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40200/" - }, - { - "name" : "VU#856152", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/856152" - }, - { - "name" : "92318", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#856152", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/856152" + }, + { + "name": "92318", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92318" + }, + { + "name": "40200", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40200/" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2243.json b/2018/2xxx/CVE-2018-2243.json index 93540722b80..af059b1f3ce 100644 --- a/2018/2xxx/CVE-2018-2243.json +++ b/2018/2xxx/CVE-2018-2243.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2243", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2243", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2360.json b/2018/2xxx/CVE-2018-2360.json index 8f6ca42965f..b702b658afa 100644 --- a/2018/2xxx/CVE-2018-2360.json +++ b/2018/2xxx/CVE-2018-2360.json @@ -1,81 +1,81 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2360", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP Startup Service", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "7.45" - }, - { - "version_affected" : "=", - "version_value" : "7.49" - }, - { - "version_affected" : "=", - "version_value" : "7.52" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause consumption of file system storage." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Authentication" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2360", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP Startup Service", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.45" + }, + { + "version_affected": "=", + "version_value": "7.49" + }, + { + "version_affected": "=", + "version_value": "7.52" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/", - "refsource" : "CONFIRM", - "url" : "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/" - }, - { - "name" : "https://launchpad.support.sap.com/#/notes/2523961", - "refsource" : "CONFIRM", - "url" : "https://launchpad.support.sap.com/#/notes/2523961" - }, - { - "name" : "102448", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102448" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause consumption of file system storage." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Authentication" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://launchpad.support.sap.com/#/notes/2523961", + "refsource": "CONFIRM", + "url": "https://launchpad.support.sap.com/#/notes/2523961" + }, + { + "name": "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/", + "refsource": "CONFIRM", + "url": "https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/" + }, + { + "name": "102448", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102448" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2743.json b/2018/2xxx/CVE-2018-2743.json index e740f426955..a3e383eb301 100644 --- a/2018/2xxx/CVE-2018-2743.json +++ b/2018/2xxx/CVE-2018-2743.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2743", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-2743", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2856.json b/2018/2xxx/CVE-2018-2856.json index 010a5f4933e..35d1e7ad715 100644 --- a/2018/2xxx/CVE-2018-2856.json +++ b/2018/2xxx/CVE-2018-2856.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2856", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution). The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2856", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "103812", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103812" - }, - { - "name" : "1040693", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040693" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution). The supported version that is affected is 8.0.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach accessible data as well as unauthorized access to critical data or complete access to all Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1040693", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040693" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "103812", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103812" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0283.json b/2019/0xxx/CVE-2019-0283.json index e9b2adba70e..ce0228c6694 100644 --- a/2019/0xxx/CVE-2019-0283.json +++ b/2019/0xxx/CVE-2019-0283.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0283", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0283", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0319.json b/2019/0xxx/CVE-2019-0319.json index 730c8d2f8e9..4428af161da 100644 --- a/2019/0xxx/CVE-2019-0319.json +++ b/2019/0xxx/CVE-2019-0319.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0319", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0319", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0330.json b/2019/0xxx/CVE-2019-0330.json index 88b281525cd..ec09051da2b 100644 --- a/2019/0xxx/CVE-2019-0330.json +++ b/2019/0xxx/CVE-2019-0330.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0330", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0330", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0588.json b/2019/0xxx/CVE-2019-0588.json index 43eba010376..44eca2e59a2 100644 --- a/2019/0xxx/CVE-2019-0588.json +++ b/2019/0xxx/CVE-2019-0588.json @@ -1,79 +1,79 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "Secure@Microsoft.com", - "ID" : "CVE-2019-0588", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Exchange Server", - "version" : { - "version_data" : [ - { - "version_value" : "2010 Service Pack 3 Update Rollup 25" - }, - { - "version_value" : "2013 Cumulative Update 21" - }, - { - "version_value" : "2016 Cumulative Update 10" - }, - { - "version_value" : "2016 Cumulative Update 11" - }, - { - "version_value" : "2019" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka \"Microsoft Exchange Information Disclosure Vulnerability.\" This affects Microsoft Exchange Server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0588", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Exchange Server", + "version": { + "version_data": [ + { + "version_value": "2010 Service Pack 3 Update Rollup 25" + }, + { + "version_value": "2013 Cumulative Update 21" + }, + { + "version_value": "2016 Cumulative Update 10" + }, + { + "version_value": "2016 Cumulative Update 11" + }, + { + "version_value": "2019" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0588", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0588" - }, - { - "name" : "106437", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106437" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka \"Microsoft Exchange Information Disclosure Vulnerability.\" This affects Microsoft Exchange Server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0588", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0588" + }, + { + "name": "106437", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106437" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1093.json b/2019/1xxx/CVE-2019-1093.json index 8870f6dcc8c..076a49c3e28 100644 --- a/2019/1xxx/CVE-2019-1093.json +++ b/2019/1xxx/CVE-2019-1093.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1093", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1093", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1165.json b/2019/1xxx/CVE-2019-1165.json index efe769bbea8..4298e28790c 100644 --- a/2019/1xxx/CVE-2019-1165.json +++ b/2019/1xxx/CVE-2019-1165.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1165", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1165", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1259.json b/2019/1xxx/CVE-2019-1259.json index d7810aef988..2348ec0287b 100644 --- a/2019/1xxx/CVE-2019-1259.json +++ b/2019/1xxx/CVE-2019-1259.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1259", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1259", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1402.json b/2019/1xxx/CVE-2019-1402.json index 7209d000d29..92d7defe02a 100644 --- a/2019/1xxx/CVE-2019-1402.json +++ b/2019/1xxx/CVE-2019-1402.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1402", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1402", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4020.json b/2019/4xxx/CVE-2019-4020.json index 1451ded9ef2..cc155768503 100644 --- a/2019/4xxx/CVE-2019-4020.json +++ b/2019/4xxx/CVE-2019-4020.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4020", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4020", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4141.json b/2019/4xxx/CVE-2019-4141.json index 34604f03055..140ff95224b 100644 --- a/2019/4xxx/CVE-2019-4141.json +++ b/2019/4xxx/CVE-2019-4141.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4141", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4141", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4219.json b/2019/4xxx/CVE-2019-4219.json index 5428485d4c0..bf31830dfb3 100644 --- a/2019/4xxx/CVE-2019-4219.json +++ b/2019/4xxx/CVE-2019-4219.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4219", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4219", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4568.json b/2019/4xxx/CVE-2019-4568.json index b25f1cfb5d8..86a069de33d 100644 --- a/2019/4xxx/CVE-2019-4568.json +++ b/2019/4xxx/CVE-2019-4568.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4568", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4568", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5291.json b/2019/5xxx/CVE-2019-5291.json index f6ecc4e2b12..1cebe477353 100644 --- a/2019/5xxx/CVE-2019-5291.json +++ b/2019/5xxx/CVE-2019-5291.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5291", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5291", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5568.json b/2019/5xxx/CVE-2019-5568.json index ab1d9a35177..cd0dffe1077 100644 --- a/2019/5xxx/CVE-2019-5568.json +++ b/2019/5xxx/CVE-2019-5568.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5568", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5568", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5923.json b/2019/5xxx/CVE-2019-5923.json index 755298c212c..797a9153911 100644 --- a/2019/5xxx/CVE-2019-5923.json +++ b/2019/5xxx/CVE-2019-5923.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2019-5923", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "iChain Insurance Wallet App for iOS", - "version" : { - "version_data" : [ - { - "version_value" : "Version 1.3.0 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "iChain, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Directory traversal" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2019-5923", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "iChain Insurance Wallet App for iOS", + "version": { + "version_data": [ + { + "version_value": "Version 1.3.0 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "iChain, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.ichain.co.jp/security20190311.html", - "refsource" : "MISC", - "url" : "https://www.ichain.co.jp/security20190311.html" - }, - { - "name" : "JVN#11622218", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN11622218/index.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and earlier allows remote attackers to read arbitrary files via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Directory traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#11622218", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN11622218/index.html" + }, + { + "name": "https://www.ichain.co.jp/security20190311.html", + "refsource": "MISC", + "url": "https://www.ichain.co.jp/security20190311.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5983.json b/2019/5xxx/CVE-2019-5983.json index 0083f875066..406ccf3ab74 100644 --- a/2019/5xxx/CVE-2019-5983.json +++ b/2019/5xxx/CVE-2019-5983.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5983", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5983", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9057.json b/2019/9xxx/CVE-2019-9057.json index 09cde52ea31..1e6a2f8fd35 100644 --- a/2019/9xxx/CVE-2019-9057.json +++ b/2019/9xxx/CVE-2019-9057.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9057", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9057", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9163.json b/2019/9xxx/CVE-2019-9163.json index 6436a04d194..0aa3ff780c5 100644 --- a/2019/9xxx/CVE-2019-9163.json +++ b/2019/9xxx/CVE-2019-9163.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9163", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9163", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file