From da00ccb184c1318ba457f2dd1805228c3e47211c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 04:33:31 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0681.json | 140 ++++----- 2007/0xxx/CVE-2007-0757.json | 180 +++++------ 2007/3xxx/CVE-2007-3110.json | 150 ++++----- 2007/3xxx/CVE-2007-3172.json | 150 ++++----- 2007/3xxx/CVE-2007-3204.json | 140 ++++----- 2007/3xxx/CVE-2007-3738.json | 560 ++++++++++++++++----------------- 2007/3xxx/CVE-2007-3837.json | 140 ++++----- 2007/3xxx/CVE-2007-3945.json | 170 +++++----- 2007/4xxx/CVE-2007-4032.json | 160 +++++----- 2007/4xxx/CVE-2007-4058.json | 140 ++++----- 2007/4xxx/CVE-2007-4350.json | 190 +++++------ 2007/4xxx/CVE-2007-4414.json | 170 +++++----- 2007/4xxx/CVE-2007-4495.json | 170 +++++----- 2007/4xxx/CVE-2007-4549.json | 160 +++++----- 2007/4xxx/CVE-2007-4562.json | 170 +++++----- 2007/6xxx/CVE-2007-6266.json | 150 ++++----- 2007/6xxx/CVE-2007-6316.json | 160 +++++----- 2007/6xxx/CVE-2007-6405.json | 180 +++++------ 2007/6xxx/CVE-2007-6688.json | 170 +++++----- 2010/5xxx/CVE-2010-5276.json | 150 ++++----- 2014/1xxx/CVE-2014-1478.json | 500 ++++++++++++++--------------- 2014/1xxx/CVE-2014-1814.json | 150 ++++----- 2014/5xxx/CVE-2014-5591.json | 140 ++++----- 2014/5xxx/CVE-2014-5711.json | 140 ++++----- 2014/5xxx/CVE-2014-5943.json | 140 ++++----- 2015/2xxx/CVE-2015-2188.json | 230 +++++++------- 2015/2xxx/CVE-2015-2295.json | 170 +++++----- 2015/2xxx/CVE-2015-2383.json | 130 ++++---- 2015/2xxx/CVE-2015-2559.json | 140 ++++----- 2015/2xxx/CVE-2015-2971.json | 140 ++++----- 2015/6xxx/CVE-2015-6316.json | 140 ++++----- 2015/6xxx/CVE-2015-6411.json | 130 ++++---- 2015/6xxx/CVE-2015-6700.json | 140 ++++----- 2016/0xxx/CVE-2016-0231.json | 180 +++++------ 2016/0xxx/CVE-2016-0826.json | 150 ++++----- 2016/10xxx/CVE-2016-10081.json | 140 ++++----- 2016/10xxx/CVE-2016-10303.json | 34 +- 2016/10xxx/CVE-2016-10450.json | 132 ++++---- 2016/10xxx/CVE-2016-10703.json | 130 ++++---- 2016/4xxx/CVE-2016-4546.json | 130 ++++---- 2016/4xxx/CVE-2016-4590.json | 190 +++++------ 2016/4xxx/CVE-2016-4867.json | 150 ++++----- 2016/4xxx/CVE-2016-4925.json | 232 +++++++------- 2016/9xxx/CVE-2016-9082.json | 160 +++++----- 2016/9xxx/CVE-2016-9226.json | 34 +- 2016/9xxx/CVE-2016-9275.json | 160 +++++----- 2016/9xxx/CVE-2016-9507.json | 34 +- 2016/9xxx/CVE-2016-9703.json | 170 +++++----- 2019/2xxx/CVE-2019-2053.json | 34 +- 2019/2xxx/CVE-2019-2432.json | 140 ++++----- 2019/2xxx/CVE-2019-2537.json | 178 +++++------ 2019/2xxx/CVE-2019-2758.json | 34 +- 2019/3xxx/CVE-2019-3023.json | 34 +- 2019/3xxx/CVE-2019-3125.json | 34 +- 2019/3xxx/CVE-2019-3173.json | 34 +- 2019/3xxx/CVE-2019-3657.json | 34 +- 2019/3xxx/CVE-2019-3750.json | 34 +- 2019/6xxx/CVE-2019-6385.json | 34 +- 2019/6xxx/CVE-2019-6407.json | 34 +- 2019/6xxx/CVE-2019-6436.json | 34 +- 2019/6xxx/CVE-2019-6993.json | 34 +- 2019/7xxx/CVE-2019-7051.json | 34 +- 2019/7xxx/CVE-2019-7233.json | 120 +++---- 2019/7xxx/CVE-2019-7427.json | 34 +- 2019/7xxx/CVE-2019-7729.json | 120 +++---- 2019/8xxx/CVE-2019-8473.json | 34 +- 2019/8xxx/CVE-2019-8506.json | 34 +- 2019/8xxx/CVE-2019-8996.json | 120 +++---- 68 files changed, 4552 insertions(+), 4552 deletions(-) diff --git a/2007/0xxx/CVE-2007-0681.json b/2007/0xxx/CVE-2007-0681.json index 5f142b7c3e8..c4e1531ce8e 100644 --- a/2007/0xxx/CVE-2007-0681.json +++ b/2007/0xxx/CVE-2007-0681.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0681", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, via modified values to register.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0681", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3239", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3239" - }, - { - "name" : "38130", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38130" - }, - { - "name" : "extcalendar-profile-security-bypass(32035)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32035" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrary users without providing the original password, and possibly perform other unauthorized actions, via modified values to register.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38130", + "refsource": "OSVDB", + "url": "http://osvdb.org/38130" + }, + { + "name": "extcalendar-profile-security-bypass(32035)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32035" + }, + { + "name": "3239", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3239" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0757.json b/2007/0xxx/CVE-2007-0757.json index d8b0260e6d9..767bd2ea87c 100644 --- a/2007/0xxx/CVE-2007-0757.json +++ b/2007/0xxx/CVE-2007-0757.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0757", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in index.php in Miguel Nunes Call of Duty 2 (CoD2) DreamStats System 4.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0757", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3251", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3251" - }, - { - "name" : "20070202 true: DreamStats V 4.2=(index.php)=>Remote File Include", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-February/001272.html" - }, - { - "name" : "22371", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22371" - }, - { - "name" : "ADV-2007-0479", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0479" - }, - { - "name" : "33095", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33095" - }, - { - "name" : "24037", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24037" - }, - { - "name" : "cod2dreamstats-index-file-include(32160)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32160" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in index.php in Miguel Nunes Call of Duty 2 (CoD2) DreamStats System 4.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24037", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24037" + }, + { + "name": "33095", + "refsource": "OSVDB", + "url": "http://osvdb.org/33095" + }, + { + "name": "3251", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3251" + }, + { + "name": "22371", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22371" + }, + { + "name": "cod2dreamstats-index-file-include(32160)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32160" + }, + { + "name": "20070202 true: DreamStats V 4.2=(index.php)=>Remote File Include", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-February/001272.html" + }, + { + "name": "ADV-2007-0479", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0479" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3110.json b/2007/3xxx/CVE-2007-3110.json index ada5b6980d0..1578637595a 100644 --- a/2007/3xxx/CVE-2007-3110.json +++ b/2007/3xxx/CVE-2007-3110.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3110", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Andy Frank Beatnik 1.0 extension for Firefox allows remote attackers to inject arbitrary web script or HTML via an RSS feed. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3110", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "24324", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24324" - }, - { - "name" : "36982", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36982" - }, - { - "name" : "25549", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25549" - }, - { - "name" : "beatnik-rss-feed-xss(34986)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34986" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Andy Frank Beatnik 1.0 extension for Firefox allows remote attackers to inject arbitrary web script or HTML via an RSS feed. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24324", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24324" + }, + { + "name": "beatnik-rss-feed-xss(34986)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34986" + }, + { + "name": "36982", + "refsource": "OSVDB", + "url": "http://osvdb.org/36982" + }, + { + "name": "25549", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25549" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3172.json b/2007/3xxx/CVE-2007-3172.json index d15896bcb9d..a45a03a88e6 100644 --- a/2007/3xxx/CVE-2007-3172.json +++ b/2007/3xxx/CVE-2007-3172.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3172", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in demo/pop3/error.php in Uebimiau Webmail allows remote attackers to determine the existence of arbitrary directories via an absolute pathname and .. (dot dot) in the selected_theme parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3172", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070528 Uebimiau Webmail Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063629.html" - }, - { - "name" : "24210", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24210" - }, - { - "name" : "38337", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38337" - }, - { - "name" : "uebimiau-error-directory-traversal(34555)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34555" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in demo/pop3/error.php in Uebimiau Webmail allows remote attackers to determine the existence of arbitrary directories via an absolute pathname and .. (dot dot) in the selected_theme parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38337", + "refsource": "OSVDB", + "url": "http://osvdb.org/38337" + }, + { + "name": "24210", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24210" + }, + { + "name": "uebimiau-error-directory-traversal(34555)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34555" + }, + { + "name": "20070528 Uebimiau Webmail Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063629.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3204.json b/2007/3xxx/CVE-2007-3204.json index 4a8c5bbd8fc..9d26e2b6b96 100644 --- a/2007/3xxx/CVE-2007-3204.json +++ b/2007/3xxx/CVE-2007-3204.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3204", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in auth.php in Just For Fun Network Management System (JFFNMS) 0.8.4-pre2 allows remote attackers to execute arbitrary SQL commands via the pass parameter. NOTE: this issue reportedly exists because of an initial incomplete fix for CVE-2007-3190. The provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3204", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37169", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37169" - }, - { - "name" : "25587", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25587" - }, - { - "name" : "jffnms-pass-sql-injection(34911)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34911" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in auth.php in Just For Fun Network Management System (JFFNMS) 0.8.4-pre2 allows remote attackers to execute arbitrary SQL commands via the pass parameter. NOTE: this issue reportedly exists because of an initial incomplete fix for CVE-2007-3190. The provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37169", + "refsource": "OSVDB", + "url": "http://osvdb.org/37169" + }, + { + "name": "jffnms-pass-sql-injection(34911)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34911" + }, + { + "name": "25587", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25587" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3738.json b/2007/3xxx/CVE-2007-3738.json index 2a6953f78a0..c17e58dc509 100644 --- a/2007/3xxx/CVE-2007-3738.json +++ b/2007/3xxx/CVE-2007-3738.json @@ -1,282 +1,282 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3738", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-3738", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070720 rPSA-2007-0148-1 firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474226/100/0/threaded" - }, - { - "name" : "20070724 FLEA-2007-0033-1: firefox thunderbird", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474542/100/0/threaded" - }, - { - "name" : "http://www.mozilla.org/security/announce/2007/mfsa2007-25.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2007/mfsa2007-25.html" - }, - { - "name" : "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt", - "refsource" : "CONFIRM", - "url" : "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html" - }, - { - "name" : "DSA-1337", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1337" - }, - { - "name" : "DSA-1338", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1338" - }, - { - "name" : "DSA-1339", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1339" - }, - { - "name" : "GLSA-200708-09", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml" - }, - { - "name" : "HPSBUX02153", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "SSRT061181", - "refsource" : "HP", - "url" : "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" - }, - { - "name" : "MDKSA-2007:152", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:152" - }, - { - "name" : "RHSA-2007:0722", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0722.html" - }, - { - "name" : "RHSA-2007:0723", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0723.html" - }, - { - "name" : "RHSA-2007:0724", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0724.html" - }, - { - "name" : "20070701-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc" - }, - { - "name" : "103177", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1" - }, - { - "name" : "201516", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1" - }, - { - "name" : "SUSE-SA:2007:049", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_49_mozilla.html" - }, - { - "name" : "SUSE-SA:2007:057", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html" - }, - { - "name" : "USN-490-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-490-1" - }, - { - "name" : "24946", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24946" - }, - { - "name" : "oval:org.mitre.oval:def:9875", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9875" - }, - { - "name" : "ADV-2007-2564", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2564" - }, - { - "name" : "ADV-2007-4256", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4256" - }, - { - "name" : "1018414", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018414" - }, - { - "name" : "26095", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26095" - }, - { - "name" : "26103", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26103" - }, - { - "name" : "26106", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26106" - }, - { - "name" : "26107", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26107" - }, - { - "name" : "25589", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25589" - }, - { - "name" : "26179", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26179" - }, - { - "name" : "26149", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26149" - }, - { - "name" : "26151", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26151" - }, - { - "name" : "26072", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26072" - }, - { - "name" : "26211", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26211" - }, - { - "name" : "26216", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26216" - }, - { - "name" : "26204", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26204" - }, - { - "name" : "26205", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26205" - }, - { - "name" : "26159", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26159" - }, - { - "name" : "26271", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26271" - }, - { - "name" : "26258", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26258" - }, - { - "name" : "26460", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26460" - }, - { - "name" : "28135", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28135" - }, - { - "name" : "firefox-xpcnativewrapper-code-execution(35460)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35460" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-490-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-490-1" + }, + { + "name": "26107", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26107" + }, + { + "name": "26179", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26179" + }, + { + "name": "ADV-2007-4256", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4256" + }, + { + "name": "25589", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25589" + }, + { + "name": "HPSBUX02153", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "MDKSA-2007:152", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:152" + }, + { + "name": "GLSA-200708-09", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-09.xml" + }, + { + "name": "http://www.mozilla.org/security/announce/2007/mfsa2007-25.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2007/mfsa2007-25.html" + }, + { + "name": "DSA-1339", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1339" + }, + { + "name": "1018414", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018414" + }, + { + "name": "26151", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26151" + }, + { + "name": "SUSE-SA:2007:057", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_57_mozilla.html" + }, + { + "name": "28135", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28135" + }, + { + "name": "26216", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26216" + }, + { + "name": "26103", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26103" + }, + { + "name": "26072", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26072" + }, + { + "name": "26149", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26149" + }, + { + "name": "103177", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103177-1" + }, + { + "name": "ADV-2007-2564", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2564" + }, + { + "name": "DSA-1337", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1337" + }, + { + "name": "26211", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26211" + }, + { + "name": "26159", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26159" + }, + { + "name": "SUSE-SA:2007:049", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_49_mozilla.html" + }, + { + "name": "SSRT061181", + "refsource": "HP", + "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00771742" + }, + { + "name": "DSA-1338", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1338" + }, + { + "name": "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt", + "refsource": "CONFIRM", + "url": "ftp://ftp.slackware.com/pub/slackware/slackware-12.0/ChangeLog.txt" + }, + { + "name": "firefox-xpcnativewrapper-code-execution(35460)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35460" + }, + { + "name": "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/07d098f99c9fe6956523beae37f32fda.html" + }, + { + "name": "26095", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26095" + }, + { + "name": "oval:org.mitre.oval:def:9875", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9875" + }, + { + "name": "20070724 FLEA-2007-0033-1: firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474542/100/0/threaded" + }, + { + "name": "26258", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26258" + }, + { + "name": "24946", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24946" + }, + { + "name": "26460", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26460" + }, + { + "name": "26106", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26106" + }, + { + "name": "20070701-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070701-01-P.asc" + }, + { + "name": "RHSA-2007:0724", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0724.html" + }, + { + "name": "20070720 rPSA-2007-0148-1 firefox thunderbird", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474226/100/0/threaded" + }, + { + "name": "RHSA-2007:0723", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0723.html" + }, + { + "name": "26271", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26271" + }, + { + "name": "RHSA-2007:0722", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0722.html" + }, + { + "name": "201516", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201516-1" + }, + { + "name": "26204", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26204" + }, + { + "name": "26205", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26205" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3837.json b/2007/3xxx/CVE-2007-3837.json index a6e9a220782..bb0a5289ccd 100644 --- a/2007/3xxx/CVE-2007-3837.json +++ b/2007/3xxx/CVE-2007-3837.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3837", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in HydraIRC 0.3.151 allows remote IRC servers to cause a denial of service (application crash) via a long CTCP request message containing '%' (percent) characters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3837", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.portcullis-security.com/uplds/advisories/HydraIRC_bof-07_007.txt", - "refsource" : "MISC", - "url" : "http://www.portcullis-security.com/uplds/advisories/HydraIRC_bof-07_007.txt" - }, - { - "name" : "38625", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38625" - }, - { - "name" : "hydrairc-ctcp-dos(35408)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35408" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in HydraIRC 0.3.151 allows remote IRC servers to cause a denial of service (application crash) via a long CTCP request message containing '%' (percent) characters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38625", + "refsource": "OSVDB", + "url": "http://osvdb.org/38625" + }, + { + "name": "hydrairc-ctcp-dos(35408)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35408" + }, + { + "name": "http://www.portcullis-security.com/uplds/advisories/HydraIRC_bof-07_007.txt", + "refsource": "MISC", + "url": "http://www.portcullis-security.com/uplds/advisories/HydraIRC_bof-07_007.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3945.json b/2007/3xxx/CVE-2007-3945.json index 0dd1ab83078..1dd573ccbb5 100644 --- a/2007/3xxx/CVE-2007-3945.json +++ b/2007/3xxx/CVE-2007-3945.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3945", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3945", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070719 [ANNOUNCE] RSBAC 1.3.5 released", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/474161/100/0/threaded" - }, - { - "name" : "http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt", - "refsource" : "CONFIRM", - "url" : "http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt" - }, - { - "name" : "25001", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25001" - }, - { - "name" : "ADV-2007-2610", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2610" - }, - { - "name" : "26147", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26147" - }, - { - "name" : "2911", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2911" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Rule Set Based Access Control (RSBAC) before 1.3.5 does not properly use the Linux Kernel Crypto API for the Linux kernel 2.6.x, which allows context-dependent attackers to bypass authentication controls via unspecified vectors, possibly involving User Management password hashing and unchecked function return codes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25001", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25001" + }, + { + "name": "26147", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26147" + }, + { + "name": "20070719 [ANNOUNCE] RSBAC 1.3.5 released", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/474161/100/0/threaded" + }, + { + "name": "ADV-2007-2610", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2610" + }, + { + "name": "2911", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2911" + }, + { + "name": "http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt", + "refsource": "CONFIRM", + "url": "http://download.rsbac.org/code/1.3.5/changes-1.3.5.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4032.json b/2007/4xxx/CVE-2007-4032.json index 46910f499e1..26bf08e9623 100644 --- a/2007/4xxx/CVE-2007-4032.json +++ b/2007/4xxx/CVE-2007-4032.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4032", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote attackers to execute arbitrary code via a long string in a .mls Playlist file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4032", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4229", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4229" - }, - { - "name" : "25083", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25083" - }, - { - "name" : "38689", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38689" - }, - { - "name" : "26198", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26198" - }, - { - "name" : "crystalplayer-mls-bo(35625)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35625" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in CrystalPlayer Pro 1.98 allows user-assisted remote attackers to execute arbitrary code via a long string in a .mls Playlist file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4229", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4229" + }, + { + "name": "crystalplayer-mls-bo(35625)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35625" + }, + { + "name": "38689", + "refsource": "OSVDB", + "url": "http://osvdb.org/38689" + }, + { + "name": "25083", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25083" + }, + { + "name": "26198", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26198" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4058.json b/2007/4xxx/CVE-2007-4058.json index 2b2feb86ec7..d97cae1ccc8 100644 --- a/2007/4xxx/CVE-2007-4058.json +++ b/2007/4xxx/CVE-2007-4058.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4058", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4058", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4244", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4244" - }, - { - "name" : "25118", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25118" - }, - { - "name" : "vmware-startprocess-code-execution(35673)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35673" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll 2.2.5.42958 in EMC VMware 6.0.0 allows remote attackers to execute arbitrary local programs via a full pathname in the first argument to the StartProcess method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "vmware-startprocess-code-execution(35673)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35673" + }, + { + "name": "4244", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4244" + }, + { + "name": "25118", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25118" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4350.json b/2007/4xxx/CVE-2007-4350.json index b87e888b561..ab1235e0010 100644 --- a/2007/4xxx/CVE-2007-4350.json +++ b/2007/4xxx/CVE-2007-4350.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4350", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 allows remote attackers to inject arbitrary web script or HTML via an SNMP trap message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2007-4350", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20081020 Secunia Research: HP SiteScope SNMP Trap Script Insertion Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/497548/100/0/threaded" - }, - { - "name" : "http://secunia.com/secunia_research/2007-84/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-84/" - }, - { - "name" : "31816", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/31816" - }, - { - "name" : "ADV-2008-2854", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/2854" - }, - { - "name" : "1021068", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1021068" - }, - { - "name" : "27126", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27126" - }, - { - "name" : "4447", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/4447" - }, - { - "name" : "sitescope-snmp-messages-xss(45958)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/45958" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the management interface in HP SiteScope 9.0 build 911 allows remote attackers to inject arbitrary web script or HTML via an SNMP trap message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "31816", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/31816" + }, + { + "name": "sitescope-snmp-messages-xss(45958)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45958" + }, + { + "name": "27126", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27126" + }, + { + "name": "ADV-2008-2854", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/2854" + }, + { + "name": "http://secunia.com/secunia_research/2007-84/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-84/" + }, + { + "name": "1021068", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1021068" + }, + { + "name": "20081020 Secunia Research: HP SiteScope SNMP Trap Script Insertion Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/497548/100/0/threaded" + }, + { + "name": "4447", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/4447" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4414.json b/2007/4xxx/CVE-2007-4414.json index 191fa1404b4..3c5e4b83fe1 100644 --- a/2007/4xxx/CVE-2007-4414.json +++ b/2007/4xxx/CVE-2007-4414.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4414", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco VPN Client on Windows before 4.8.02.0010 allows local users to gain privileges by enabling the \"Start Before Logon\" (SBL) and Microsoft Dial-Up Networking options, and then interacting with the dial-up networking dialog box." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070815 Local Privilege Escalation Vulnerabilities in Cisco VPN Client", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml" - }, - { - "name" : "25332", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25332" - }, - { - "name" : "ADV-2007-2903", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2903" - }, - { - "name" : "1018573", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018573" - }, - { - "name" : "26459", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26459" - }, - { - "name" : "cisco-vpn-dialup-privilege-escalation(36029)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36029" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco VPN Client on Windows before 4.8.02.0010 allows local users to gain privileges by enabling the \"Start Before Logon\" (SBL) and Microsoft Dial-Up Networking options, and then interacting with the dial-up networking dialog box." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070815 Local Privilege Escalation Vulnerabilities in Cisco VPN Client", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml" + }, + { + "name": "ADV-2007-2903", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2903" + }, + { + "name": "26459", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26459" + }, + { + "name": "25332", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25332" + }, + { + "name": "cisco-vpn-dialup-privilege-escalation(36029)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36029" + }, + { + "name": "1018573", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018573" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4495.json b/2007/4xxx/CVE-2007-4495.json index 77c9a26b4aa..e7bc79df022 100644 --- a/2007/4xxx/CVE-2007-4495.json +++ b/2007/4xxx/CVE-2007-4495.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4495", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on the x86 platform before 20070821 allows local users to cause a denial of service (system panic) via an unspecified ioctl function, aka Bug 6433124." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4495", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "102988", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102988-1" - }, - { - "name" : "25389", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25389" - }, - { - "name" : "ADV-2007-2933", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2933" - }, - { - "name" : "36615", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36615" - }, - { - "name" : "1018597", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018597" - }, - { - "name" : "26558", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26558" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the ata disk driver in Sun Solaris 10 on the x86 platform before 20070821 allows local users to cause a denial of service (system panic) via an unspecified ioctl function, aka Bug 6433124." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1018597", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018597" + }, + { + "name": "36615", + "refsource": "OSVDB", + "url": "http://osvdb.org/36615" + }, + { + "name": "ADV-2007-2933", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2933" + }, + { + "name": "102988", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102988-1" + }, + { + "name": "25389", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25389" + }, + { + "name": "26558", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26558" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4549.json b/2007/4xxx/CVE-2007-4549.json index 1432543d038..74213ed027f 100644 --- a/2007/4xxx/CVE-2007-4549.json +++ b/2007/4xxx/CVE-2007-4549.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4549", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers to execute arbitrary code via an ALPass DB (APW) file containing (1) a long file-key or (2) a \"Site Information and Folder entry\" with a ciphertext_length value much larger than the plaintext_length value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4549", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://vuln.sg/alpass27-en.html", - "refsource" : "MISC", - "url" : "http://vuln.sg/alpass27-en.html" - }, - { - "name" : "25435", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25435" - }, - { - "name" : "26616", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26616" - }, - { - "name" : "alpass-alpass-db-file-bo(36235)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36235" - }, - { - "name" : "alpass-apw-bo(36257)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36257" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in ALPass 2.7 English and 3.02 Korean allow user-assisted remote attackers to execute arbitrary code via an ALPass DB (APW) file containing (1) a long file-key or (2) a \"Site Information and Folder entry\" with a ciphertext_length value much larger than the plaintext_length value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "alpass-alpass-db-file-bo(36235)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36235" + }, + { + "name": "alpass-apw-bo(36257)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36257" + }, + { + "name": "http://vuln.sg/alpass27-en.html", + "refsource": "MISC", + "url": "http://vuln.sg/alpass27-en.html" + }, + { + "name": "26616", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26616" + }, + { + "name": "25435", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25435" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4562.json b/2007/4xxx/CVE-2007-4562.json index 81a45c39c28..33984cc0636 100644 --- a/2007/4xxx/CVE-2007-4562.json +++ b/2007/4xxx/CVE-2007-4562.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4562", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Hitachi DABroker before 03-02-/D and Cosminexus DABroker before 02-04-/C and 03-05-/E allows remote attackers to cause a denial of service (connection prevention) by sending \"data unexpectedly through a port.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4562", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-026_e/index-e.html", - "refsource" : "CONFIRM", - "url" : "http://www.hitachi-support.com/security_e/vuls_e/HS07-026_e/index-e.html" - }, - { - "name" : "25431", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25431" - }, - { - "name" : "ADV-2007-2989", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2989" - }, - { - "name" : "37856", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37856" - }, - { - "name" : "26592", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26592" - }, - { - "name" : "hitachi-dabroker-dos(36246)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36246" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Hitachi DABroker before 03-02-/D and Cosminexus DABroker before 02-04-/C and 03-05-/E allows remote attackers to cause a denial of service (connection prevention) by sending \"data unexpectedly through a port.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26592", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26592" + }, + { + "name": "http://www.hitachi-support.com/security_e/vuls_e/HS07-026_e/index-e.html", + "refsource": "CONFIRM", + "url": "http://www.hitachi-support.com/security_e/vuls_e/HS07-026_e/index-e.html" + }, + { + "name": "25431", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25431" + }, + { + "name": "37856", + "refsource": "OSVDB", + "url": "http://osvdb.org/37856" + }, + { + "name": "ADV-2007-2989", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2989" + }, + { + "name": "hitachi-dabroker-dos(36246)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36246" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6266.json b/2007/6xxx/CVE-2007-6266.json index 6d2550dfb6e..0b515b0d3d5 100644 --- a/2007/6xxx/CVE-2007-6266.json +++ b/2007/6xxx/CVE-2007-6266.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6266", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in bcoos 1.0.10 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to modules/arcade/index.php in a show_stats action, or the lid parameter to (2) modules/myalbum/ratephoto.php or (3) modules/mylinks/ratelink.php, different vectors than CVE-2007-5104." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6266", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://lostmon.blogspot.com/2007/11/bcoops-sql-injection-and-cross-site.html", - "refsource" : "MISC", - "url" : "http://lostmon.blogspot.com/2007/11/bcoops-sql-injection-and-cross-site.html" - }, - { - "name" : "26629", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26629" - }, - { - "name" : "26945", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26945" - }, - { - "name" : "bcoos-index-ratephoto-sql-injection(36752)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36752" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in bcoos 1.0.10 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the gid parameter to modules/arcade/index.php in a show_stats action, or the lid parameter to (2) modules/myalbum/ratephoto.php or (3) modules/mylinks/ratelink.php, different vectors than CVE-2007-5104." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26629", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26629" + }, + { + "name": "bcoos-index-ratephoto-sql-injection(36752)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36752" + }, + { + "name": "26945", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26945" + }, + { + "name": "http://lostmon.blogspot.com/2007/11/bcoops-sql-injection-and-cross-site.html", + "refsource": "MISC", + "url": "http://lostmon.blogspot.com/2007/11/bcoops-sql-injection-and-cross-site.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6316.json b/2007/6xxx/CVE-2007-6316.json index 4595189f3f4..2d7aead4313 100644 --- a/2007/6xxx/CVE-2007-6316.json +++ b/2007/6xxx/CVE-2007-6316.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6316", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server before 3.8 allows remote attackers to inject arbitrary web script or HTML via the URI path in an HTTP GET request, which is activated by administrators viewing log files via the Trace page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6316", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071210 Multiple vulnerabilities in BarracudaDrive 3.7.2", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/484833/100/0/threaded" - }, - { - "name" : "http://aluigi.altervista.org/adv/barradrive-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/barradrive-adv.txt" - }, - { - "name" : "26805", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26805" - }, - { - "name" : "28032", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28032" - }, - { - "name" : "3434", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3434" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in BarracudaDrive Web Server before 3.8 allows remote attackers to inject arbitrary web script or HTML via the URI path in an HTTP GET request, which is activated by administrators viewing log files via the Trace page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071210 Multiple vulnerabilities in BarracudaDrive 3.7.2", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/484833/100/0/threaded" + }, + { + "name": "28032", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28032" + }, + { + "name": "http://aluigi.altervista.org/adv/barradrive-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/barradrive-adv.txt" + }, + { + "name": "3434", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3434" + }, + { + "name": "26805", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26805" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6405.json b/2007/6xxx/CVE-2007-6405.json index 38109157671..c93268bc2a0 100644 --- a/2007/6xxx/CVE-2007-6405.json +++ b/2007/6xxx/CVE-2007-6405.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6405", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended (1) '+' character, (2) '.' character, (3) %2e sequence (hex-encoded dot), or (4) hex-encoded character greater than 0x7f. NOTE: the %20 vector is already covered by CVE-2007-3407." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6405", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071207 Two vulnerabilities in Simple HTTPD 1.38", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/484761/100/0/threaded" - }, - { - "name" : "4700", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4700" - }, - { - "name" : "[shttpd-general] 20071203 Security bugs in SHTTPD", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/mailarchive/forum.php?thread_name=20071203130540.6e482c20.aluigi%40autistici.org&forum_name=shttpd-general" - }, - { - "name" : "http://aluigi.altervista.org/adv/shttpd-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/shttpd-adv.txt" - }, - { - "name" : "26768", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26768" - }, - { - "name" : "44119", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/44119" - }, - { - "name" : "3457", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3457" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to download arbitrary CGI programs or scripts via a URI with an appended (1) '+' character, (2) '.' character, (3) %2e sequence (hex-encoded dot), or (4) hex-encoded character greater than 0x7f. NOTE: the %20 vector is already covered by CVE-2007-3407." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071207 Two vulnerabilities in Simple HTTPD 1.38", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/484761/100/0/threaded" + }, + { + "name": "3457", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3457" + }, + { + "name": "4700", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4700" + }, + { + "name": "44119", + "refsource": "OSVDB", + "url": "http://osvdb.org/44119" + }, + { + "name": "26768", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26768" + }, + { + "name": "[shttpd-general] 20071203 Security bugs in SHTTPD", + "refsource": "MLIST", + "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=20071203130540.6e482c20.aluigi%40autistici.org&forum_name=shttpd-general" + }, + { + "name": "http://aluigi.altervista.org/adv/shttpd-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/shttpd-adv.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6688.json b/2007/6xxx/CVE-2007-6688.json index a967dbaba42..1ee36c9d682 100644 --- a/2007/6xxx/CVE-2007-6688.json +++ b/2007/6xxx/CVE-2007-6688.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6688", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Installation application in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to \"web-accessibility protection of the storage folder.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6688", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://gallery.menalto.com/gallery_2.2.4_released", - "refsource" : "CONFIRM", - "url" : "http://gallery.menalto.com/gallery_2.2.4_released" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=203217", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=203217" - }, - { - "name" : "GLSA-200802-04", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200802-04.xml" - }, - { - "name" : "41670", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41670" - }, - { - "name" : "28898", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28898" - }, - { - "name" : "gallery-installation-unspecified(39987)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39987" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Installation application in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to \"web-accessibility protection of the storage folder.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://gallery.menalto.com/gallery_2.2.4_released", + "refsource": "CONFIRM", + "url": "http://gallery.menalto.com/gallery_2.2.4_released" + }, + { + "name": "GLSA-200802-04", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200802-04.xml" + }, + { + "name": "28898", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28898" + }, + { + "name": "41670", + "refsource": "OSVDB", + "url": "http://osvdb.org/41670" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=203217", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=203217" + }, + { + "name": "gallery-installation-unspecified(39987)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39987" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5276.json b/2010/5xxx/CVE-2010-5276.json index 227354171d8..60ac798b7e5 100644 --- a/2010/5xxx/CVE-2010-5276.json +++ b/2010/5xxx/CVE-2010-5276.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5276", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal does not properly handle the $user object in memcache_admin, which might \"lead to a role change not being recognized until the user logs in again.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5276", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://drupal.org/node/927016", - "refsource" : "MISC", - "url" : "http://drupal.org/node/927016" - }, - { - "name" : "http://drupal.org/node/926478", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/926478" - }, - { - "name" : "41663", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/41663" - }, - { - "name" : "ADV-2010-2543", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/2543" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal does not properly handle the $user object in memcache_admin, which might \"lead to a role change not being recognized until the user logs in again.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "41663", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/41663" + }, + { + "name": "http://drupal.org/node/927016", + "refsource": "MISC", + "url": "http://drupal.org/node/927016" + }, + { + "name": "http://drupal.org/node/926478", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/926478" + }, + { + "name": "ADV-2010-2543", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/2543" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1478.json b/2014/1xxx/CVE-2014-1478.json index 340d9d91f17..6a1e4c36c2d 100644 --- a/2014/1xxx/CVE-2014-1478.json +++ b/2014/1xxx/CVE-2014-1478.json @@ -1,252 +1,252 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1478", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-1478", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=867597", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=867597" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=911707", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=911707" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=911845", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=911845" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=916635", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=916635" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=922603", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=922603" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=924348", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=924348" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=925308", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=925308" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=932162", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=932162" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=938431", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=938431" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=939472", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=939472" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=942152", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=942152" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=942940", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=942940" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944278", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944278" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944321", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944321" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944851", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=944851" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=945585", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=945585" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=946733", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=946733" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=950452", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=950452" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=953373", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=953373" - }, - { - "name" : "https://8pecxstudios.com/?page_id=44080", - "refsource" : "CONFIRM", - "url" : "https://8pecxstudios.com/?page_id=44080" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "openSUSE-SU-2014:0212", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html" - }, - { - "name" : "openSUSE-SU-2014:0213", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html" - }, - { - "name" : "openSUSE-SU-2014:0419", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html" - }, - { - "name" : "USN-2102-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2102-1" - }, - { - "name" : "USN-2102-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2102-2" - }, - { - "name" : "65324", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65324" - }, - { - "name" : "102865", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/102865" - }, - { - "name" : "1029717", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029717" - }, - { - "name" : "1029720", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029720" - }, - { - "name" : "1029721", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029721" - }, - { - "name" : "56706", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56706" - }, - { - "name" : "56767", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56767" - }, - { - "name" : "56787", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56787" - }, - { - "name" : "56888", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56888" - }, - { - "name" : "56922", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56922" - }, - { - "name" : "firefox-cve20141478-code-exec(90900)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90900" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1029721", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029721" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=922603", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=922603" + }, + { + "name": "102865", + "refsource": "OSVDB", + "url": "http://osvdb.org/102865" + }, + { + "name": "openSUSE-SU-2014:0212", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00004.html" + }, + { + "name": "65324", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65324" + }, + { + "name": "1029717", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029717" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=946733", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=946733" + }, + { + "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-01.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=925308", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=925308" + }, + { + "name": "https://8pecxstudios.com/?page_id=44080", + "refsource": "CONFIRM", + "url": "https://8pecxstudios.com/?page_id=44080" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=911707", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=911707" + }, + { + "name": "56922", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56922" + }, + { + "name": "56787", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56787" + }, + { + "name": "1029720", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029720" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=950452", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=950452" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=938431", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=938431" + }, + { + "name": "USN-2102-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2102-2" + }, + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=945585", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=945585" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=916635", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=916635" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=867597", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=867597" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=944321", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=944321" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=942152", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=942152" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=942940", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=942940" + }, + { + "name": "56888", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56888" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=924348", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=924348" + }, + { + "name": "openSUSE-SU-2014:0419", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=953373", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=953373" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=911845", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=911845" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=939472", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=939472" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=932162", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=932162" + }, + { + "name": "firefox-cve20141478-code-exec(90900)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90900" + }, + { + "name": "openSUSE-SU-2014:0213", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00005.html" + }, + { + "name": "USN-2102-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2102-1" + }, + { + "name": "56767", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56767" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=944278", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=944278" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=944851", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=944851" + }, + { + "name": "56706", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56706" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1814.json b/2014/1xxx/CVE-2014-1814.json index fe2664151b3..0cedb576e21 100644 --- a/2014/1xxx/CVE-2014-1814.json +++ b/2014/1xxx/CVE-2014-1814.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1814", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that invokes the repair feature for a different application, aka \"Windows Installer Repair Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-1814", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-049", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-049" - }, - { - "name" : "69112", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69112" - }, - { - "name" : "1030719", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1030719" - }, - { - "name" : "60674", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/60674" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Windows Installer in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that invokes the repair feature for a different application, aka \"Windows Installer Repair Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1030719", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1030719" + }, + { + "name": "MS14-049", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-049" + }, + { + "name": "69112", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69112" + }, + { + "name": "60674", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/60674" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5591.json b/2014/5xxx/CVE-2014-5591.json index eb531116a9f..14b26a12229 100644 --- a/2014/5xxx/CVE-2014-5591.json +++ b/2014/5xxx/CVE-2014-5591.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5591", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Frankly Chat (aka com.chatfrankly.android) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5591", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#397081", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/397081" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Frankly Chat (aka com.chatfrankly.android) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#397081", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/397081" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5711.json b/2014/5xxx/CVE-2014-5711.json index 7d5f0e74f79..ffaf4233ec2 100644 --- a/2014/5xxx/CVE-2014-5711.json +++ b/2014/5xxx/CVE-2014-5711.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5711", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Microsoft Tech Companion (aka com.technet) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5711", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#318321", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/318321" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Microsoft Tech Companion (aka com.technet) application 1.0.6 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#318321", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/318321" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5943.json b/2014/5xxx/CVE-2014-5943.json index 48637cd4c04..e2f31f02ba2 100644 --- a/2014/5xxx/CVE-2014-5943.json +++ b/2014/5xxx/CVE-2014-5943.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5943", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application Beta for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5943", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#115217", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/115217" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The LabMSF Antivirus beta (aka com.ReSync.RNGN) 1.0.2 application Beta for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#115217", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/115217" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2188.json b/2015/2xxx/CVE-2015-2188.json index 3b74a553869..c3590aa7f51 100644 --- a/2015/2xxx/CVE-2015-2188.json +++ b/2015/2xxx/CVE-2015-2188.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2188", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2188", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-07.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-07.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b204ff4846fe84b7789893c6b1d9afbdecac5b5d", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b204ff4846fe84b7789893c6b1d9afbdecac5b5d" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2015-0117.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2015-0117.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" - }, - { - "name" : "DSA-3210", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3210" - }, - { - "name" : "GLSA-201510-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201510-03" - }, - { - "name" : "MDVSA-2015:183", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:183" - }, - { - "name" : "openSUSE-SU-2015:0489", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html" - }, - { - "name" : "72942", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72942" - }, - { - "name" : "1031858", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031858" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:0489", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html" + }, + { + "name": "http://advisories.mageia.org/MGASA-2015-0117.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2015-0117.html" + }, + { + "name": "1031858", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031858" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "MDVSA-2015:183", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:183" + }, + { + "name": "DSA-3210", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3210" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" + }, + { + "name": "GLSA-201510-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201510-03" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-07.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-07.html" + }, + { + "name": "72942", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72942" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b204ff4846fe84b7789893c6b1d9afbdecac5b5d", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b204ff4846fe84b7789893c6b1d9afbdecac5b5d" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2295.json b/2015/2xxx/CVE-2015-2295.json index fe512b40f7a..6fea3b46aa6 100644 --- a/2015/2xxx/CVE-2015-2295.json +++ b/2015/2xxx/CVE-2015-2295.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2295", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deletefile parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2295", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150325 Arbitrary file deletion and multiple XSS vulnerabilities in pfSense", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/534987/100/0/threaded" - }, - { - "name" : "36506", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/36506/" - }, - { - "name" : "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" - }, - { - "name" : "https://www.htbridge.com/advisory/HTB23251", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB23251" - }, - { - "name" : "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc", - "refsource" : "CONFIRM", - "url" : "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc" - }, - { - "name" : "73344", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in system_firmware_restorefullbackup.php in the WebGUI in pfSense before 2.2.1 allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deletefile parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150325 Arbitrary file deletion and multiple XSS vulnerabilities in pfSense", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/534987/100/0/threaded" + }, + { + "name": "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc", + "refsource": "CONFIRM", + "url": "https://www.pfsense.org/security/advisories/pfSense-SA-15_04.webgui.asc" + }, + { + "name": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/131022/pfSense-2.2-Cross-Site-Request-Forgery-Cross-Site-Scripting.html" + }, + { + "name": "73344", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73344" + }, + { + "name": "https://www.htbridge.com/advisory/HTB23251", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB23251" + }, + { + "name": "36506", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/36506/" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2383.json b/2015/2xxx/CVE-2015-2383.json index f4305e75637..d2a59def4e8 100644 --- a/2015/2xxx/CVE-2015-2383.json +++ b/2015/2xxx/CVE-2015-2383.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2383", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2384 and CVE-2015-2425." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2383", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-065", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" - }, - { - "name" : "1032894", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-2384 and CVE-2015-2425." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032894", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032894" + }, + { + "name": "MS15-065", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2559.json b/2015/2xxx/CVE-2015-2559.json index cdbb5516230..3cb6cc0febf 100644 --- a/2015/2xxx/CVE-2015-2559.json +++ b/2015/2xxx/CVE-2015-2559.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2559", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2559", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/SA-CORE-2015-001", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/SA-CORE-2015-001" - }, - { - "name" : "DSA-3200", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3200" - }, - { - "name" : "73219", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73219" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the password of other accounts by leveraging an account with the same password hash as another account and a crafted password reset URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3200", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3200" + }, + { + "name": "73219", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73219" + }, + { + "name": "https://www.drupal.org/SA-CORE-2015-001", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/SA-CORE-2015-001" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2971.json b/2015/2xxx/CVE-2015-2971.json index 1b70f2dc8cc..7a5e0b83635 100644 --- a/2015/2xxx/CVE-2015-2971.json +++ b/2015/2xxx/CVE-2015-2971.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2971", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in Seeds acmailer before 3.8.18 and 3.9.x before 3.9.12 Beta allows remote authenticated users to delete arbitrary files via a crafted string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-2971", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.acmailer.jp/info/de.cgi?id=58", - "refsource" : "CONFIRM", - "url" : "http://www.acmailer.jp/info/de.cgi?id=58" - }, - { - "name" : "JVN#64051989", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN64051989/index.html" - }, - { - "name" : "JVNDB-2015-000098", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000098" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in Seeds acmailer before 3.8.18 and 3.9.x before 3.9.12 Beta allows remote authenticated users to delete arbitrary files via a crafted string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.acmailer.jp/info/de.cgi?id=58", + "refsource": "CONFIRM", + "url": "http://www.acmailer.jp/info/de.cgi?id=58" + }, + { + "name": "JVN#64051989", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN64051989/index.html" + }, + { + "name": "JVNDB-2015-000098", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000098" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6316.json b/2015/6xxx/CVE-2015-6316.json index 175a2ebfc65..737755f69ca 100644 --- a/2015/6xxx/CVE-2015-6316.json +++ b/2015/6xxx/CVE-2015-6316.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6316", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration of sshd_config in Cisco Mobility Services Engine (MSE) through 8.0.120.7 allows logins by the oracle account, which makes it easier for remote attackers to obtain access by entering this account's hardcoded password in an SSH session, aka Bug ID CSCuv40501." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6316", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151104 Cisco Mobility Services Engine Static Credential Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-mse-cred" - }, - { - "name" : "77432", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77432" - }, - { - "name" : "1034065", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034065" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration of sshd_config in Cisco Mobility Services Engine (MSE) through 8.0.120.7 allows logins by the oracle account, which makes it easier for remote attackers to obtain access by entering this account's hardcoded password in an SSH session, aka Bug ID CSCuv40501." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20151104 Cisco Mobility Services Engine Static Credential Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151104-mse-cred" + }, + { + "name": "77432", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77432" + }, + { + "name": "1034065", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034065" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6411.json b/2015/6xxx/CVE-2015-6411.json index f8e3a5dffe5..8ceec689f89 100644 --- a/2015/6xxx/CVE-2015-6411.json +++ b/2015/6xxx/CVE-2015-6411.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6411", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests for help files, which allows remote attackers to obtain potentially sensitive version information by reading an unspecified field, aka Bug ID CSCux37061." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6411", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151209 Cisco FirePOWER Management Center Software Version Information Disclosure Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-fmc" - }, - { - "name" : "78740", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78740" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests for help files, which allows remote attackers to obtain potentially sensitive version information by reading an unspecified field, aka Bug ID CSCux37061." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "78740", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78740" + }, + { + "name": "20151209 Cisco FirePOWER Management Center Software Version Information Disclosure Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-fmc" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6700.json b/2015/6xxx/CVE-2015-6700.json index d44942b9fba..afc30eeeab4 100644 --- a/2015/6xxx/CVE-2015-6700.json +++ b/2015/6xxx/CVE-2015-6700.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6700", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-6700", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-478", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-478" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" - }, - { - "name" : "1033796", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033796" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to obtain sensitive information from process memory via invalid arguments, a different vulnerability than CVE-2015-6697, CVE-2015-6699, CVE-2015-6701, CVE-2015-6702, CVE-2015-6703, and CVE-2015-6704." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-478", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-478" + }, + { + "name": "1033796", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033796" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0231.json b/2016/0xxx/CVE-2016-0231.json index c026e466f37..67878fefde8 100644 --- a/2016/0xxx/CVE-2016-0231.json +++ b/2016/0xxx/CVE-2016-0231.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0231", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading exception details in error logs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0231", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21976392", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21976392" - }, - { - "name" : "PI56757", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56757" - }, - { - "name" : "PI56758", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56758" - }, - { - "name" : "PI56759", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56759" - }, - { - "name" : "PI56762", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56762" - }, - { - "name" : "PI56763", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56763" - }, - { - "name" : "PI56764", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56764" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment Services (CPS) 3.0.0 before FP12 allows remote authenticated users to obtain sensitive information by reading exception details in error logs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "PI56759", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56759" + }, + { + "name": "PI56762", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56762" + }, + { + "name": "PI56757", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56757" + }, + { + "name": "PI56764", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56764" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21976392", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21976392" + }, + { + "name": "PI56758", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56758" + }, + { + "name": "PI56763", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI56763" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0826.json b/2016/0xxx/CVE-2016-0826.json index f04ed9170fe..409eee35598 100644 --- a/2016/0xxx/CVE-2016-0826.json +++ b/2016/0xxx/CVE-2016-0826.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0826", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted application that directly dumps, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26265403." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-0826", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-03-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-03-01.html" - }, - { - "name" : "https://android.googlesource.com/platform/frameworks/av/+/899823966e78552bb6dfd7772403a4f91471d2b0", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/frameworks/av/+/899823966e78552bb6dfd7772403a4f91471d2b0" - }, - { - "name" : "https://android.googlesource.com/platform/frameworks/av/+/c9ab2b0bb05a7e19fb057e79b36e232809d70122", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/frameworks/av/+/c9ab2b0bb05a7e19fb057e79b36e232809d70122" - }, - { - "name" : "84268", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84268" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted application that directly dumps, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26265403." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://android.googlesource.com/platform/frameworks/av/+/899823966e78552bb6dfd7772403a4f91471d2b0", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/frameworks/av/+/899823966e78552bb6dfd7772403a4f91471d2b0" + }, + { + "name": "84268", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84268" + }, + { + "name": "https://android.googlesource.com/platform/frameworks/av/+/c9ab2b0bb05a7e19fb057e79b36e232809d70122", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/frameworks/av/+/c9ab2b0bb05a7e19fb057e79b36e232809d70122" + }, + { + "name": "http://source.android.com/security/bulletin/2016-03-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-03-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10081.json b/2016/10xxx/CVE-2016-10081.json index b38f8fd9915..d123ff8dcfe 100644 --- a/2016/10xxx/CVE-2016-10081.json +++ b/2016/10xxx/CVE-2016-10081.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10081", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a \"Run a plugin\" action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10081", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "41435", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/41435/" - }, - { - "name" : "https://bugs.launchpad.net/shutter/+bug/1652600", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/shutter/+bug/1652600" - }, - { - "name" : "95351", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95351" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a \"Run a plugin\" action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "41435", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/41435/" + }, + { + "name": "95351", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95351" + }, + { + "name": "https://bugs.launchpad.net/shutter/+bug/1652600", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/shutter/+bug/1652600" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10303.json b/2016/10xxx/CVE-2016-10303.json index e8018148ddf..a6b5a9de986 100644 --- a/2016/10xxx/CVE-2016-10303.json +++ b/2016/10xxx/CVE-2016-10303.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10303", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10303", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10450.json b/2016/10xxx/CVE-2016-10450.json index 2f3f9cd609e..6254f7c8900 100644 --- a/2016/10xxx/CVE-2016-10450.json +++ b/2016/10xxx/CVE-2016-10450.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10450", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, potential stack-based buffer overflow exist in thermal service leading to root compromise." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Copy without Checking Size in Power" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10450", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Small Cell SoC, Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, potential stack-based buffer overflow exist in thermal service leading to root compromise." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Copy without Checking Size in Power" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10703.json b/2016/10xxx/CVE-2016-10703.json index e3464d52bda..34ce13d19dc 100644 --- a/2016/10xxx/CVE-2016-10703.json +++ b/2016/10xxx/CVE-2016-10703.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10703", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A regular expression Denial of Service (DoS) vulnerability in the file lib/ecstatic.js of the ecstatic npm package, before version 2.0.0, allows a remote attacker to overload and crash a server by passing a maliciously crafted string." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10703", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/jfhbrook/node-ecstatic/commit/71ce93988ead4b561a8592168c72143907189f01", - "refsource" : "MISC", - "url" : "https://github.com/jfhbrook/node-ecstatic/commit/71ce93988ead4b561a8592168c72143907189f01" - }, - { - "name" : "https://www.checkmarx.com/advisories/denial-of-service-dos-vulnerability-in-ecstatic-npm-package/", - "refsource" : "MISC", - "url" : "https://www.checkmarx.com/advisories/denial-of-service-dos-vulnerability-in-ecstatic-npm-package/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A regular expression Denial of Service (DoS) vulnerability in the file lib/ecstatic.js of the ecstatic npm package, before version 2.0.0, allows a remote attacker to overload and crash a server by passing a maliciously crafted string." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.checkmarx.com/advisories/denial-of-service-dos-vulnerability-in-ecstatic-npm-package/", + "refsource": "MISC", + "url": "https://www.checkmarx.com/advisories/denial-of-service-dos-vulnerability-in-ecstatic-npm-package/" + }, + { + "name": "https://github.com/jfhbrook/node-ecstatic/commit/71ce93988ead4b561a8592168c72143907189f01", + "refsource": "MISC", + "url": "https://github.com/jfhbrook/node-ecstatic/commit/71ce93988ead4b561a8592168c72143907189f01" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4546.json b/2016/4xxx/CVE-2016-4546.json index 6b0c1560e10..b512039233a 100644 --- a/2016/4xxx/CVE-2016-4546.json +++ b/2016/4xxx/CVE-2016-4546.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4546", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4546", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160505 Re: CVE request - samsumg android phone com.samsung.android.jam.IAndroidShm binder service DoS", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/05/06/1" - }, - { - "name" : "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016", - "refsource" : "CONFIRM", - "url" : "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Samsung devices with Android KK(4.4) or L(5.0/5.1) allow local users to cause a denial of service (IAndroidShm service crash) via crafted data in a service call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016", + "refsource": "CONFIRM", + "url": "http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016" + }, + { + "name": "[oss-security] 20160505 Re: CVE request - samsumg android phone com.samsung.android.jam.IAndroidShm binder service DoS", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/05/06/1" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4590.json b/2016/4xxx/CVE-2016-4590.json index ebbed3ac1a7..2d9cd6b979a 100644 --- a/2016/4xxx/CVE-2016-4590.json +++ b/2016/4xxx/CVE-2016-4590.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4590", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4590", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160825 WebKitGTK+ Security Advisory WSA-2016-0005", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/539295/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/138502/WebKitGTK-SOP-Bypass-Information-Disclosure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/138502/WebKitGTK-SOP-Bypass-Information-Disclosure.html" - }, - { - "name" : "https://support.apple.com/HT206900", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206900" - }, - { - "name" : "https://support.apple.com/HT206902", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206902" - }, - { - "name" : "APPLE-SA-2016-07-18-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" - }, - { - "name" : "APPLE-SA-2016-07-18-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00004.html" - }, - { - "name" : "91835", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91835" - }, - { - "name" : "1036343", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036343" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit in Apple iOS before 9.3.3 and Safari before 9.1.2 mishandles about: URLs, which allows remote attackers to bypass the Same Origin Policy via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-07-18-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00001.html" + }, + { + "name": "91835", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91835" + }, + { + "name": "https://support.apple.com/HT206900", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206900" + }, + { + "name": "1036343", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036343" + }, + { + "name": "http://packetstormsecurity.com/files/138502/WebKitGTK-SOP-Bypass-Information-Disclosure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/138502/WebKitGTK-SOP-Bypass-Information-Disclosure.html" + }, + { + "name": "20160825 WebKitGTK+ Security Advisory WSA-2016-0005", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/539295/100/0/threaded" + }, + { + "name": "https://support.apple.com/HT206902", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206902" + }, + { + "name": "APPLE-SA-2016-07-18-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00004.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4867.json b/2016/4xxx/CVE-2016-4867.json index c600b0cb9e7..498134d0834 100644 --- a/2016/4xxx/CVE-2016-4867.json +++ b/2016/4xxx/CVE-2016-4867.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4867", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restriction to view unauthorized project information via the Project function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4867", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.cybozu.com/ja-jp/article/9429", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/9429" - }, - { - "name" : "JVN#07148816", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN07148816/index.html" - }, - { - "name" : "JVNDB-2016-000187", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000187.html" - }, - { - "name" : "93461", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93461" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cybozu Office 9.0.0 to 10.4.0 allows remote authenticated attackers to bypass access restriction to view unauthorized project information via the Project function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000187", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000187.html" + }, + { + "name": "93461", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93461" + }, + { + "name": "JVN#07148816", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN07148816/index.html" + }, + { + "name": "https://support.cybozu.com/ja-jp/article/9429", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/9429" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4925.json b/2016/4xxx/CVE-2016-4925.json index ed903f5bd8f..5cb14483bd9 100644 --- a/2016/4xxx/CVE-2016-4925.json +++ b/2016/4xxx/CVE-2016-4925.json @@ -1,118 +1,118 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "sirt@juniper.net", - "DATE_PUBLIC" : "2016-10-12T09:00", - "ID" : "CVE-2016-4925", - "STATE" : "PUBLIC", - "TITLE" : "JUNOSe: Line Card Reset: processor exception 0x68616c74 (halt) task: scheduler, upon receipt of crafted IPv6 packet" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "JunosE", - "version" : { - "version_data" : [ - { - "platform" : "", - "version_value" : "10.3 prior to 10.3.3p0-15" - }, - { - "platform" : "", - "version_value" : "12.3 prior to 12.3.3p0-6" - }, - { - "platform" : "", - "version_value" : "13.3 prior to 13.3.3p0-1" - }, - { - "platform" : "", - "version_value" : "14.3 prior to 14.3.2" - } - ] - } - } - ] - }, - "vendor_name" : "Juniper Networks" - } - ] - } - }, - "configuration" : [ - { - "lang" : "eng", - "value" : "This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability." - } - ], - "credit" : [], - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue." - } - ] - }, - "exploit" : "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", - "impact" : { - "cvss" : { - "attackComplexity" : "LOW", - "attackVector" : "NETWORK", - "availabilityImpact" : "HIGH", - "baseScore" : 7.5, - "baseSeverity" : "HIGH", - "confidentialityImpact" : "NONE", - "integrityImpact" : "NONE", - "privilegesRequired" : "NONE", - "scope" : "UNCHANGED", - "userInteraction" : "NONE", - "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "denial of service" - } + "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2016-10-12T09:00", + "ID": "CVE-2016-4925", + "STATE": "PUBLIC", + "TITLE": "JUNOSe: Line Card Reset: processor exception 0x68616c74 (halt) task: scheduler, upon receipt of crafted IPv6 packet" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "JunosE", + "version": { + "version_data": [ + { + "platform": "", + "version_value": "10.3 prior to 10.3.3p0-15" + }, + { + "platform": "", + "version_value": "12.3 prior to 12.3.3p0-6" + }, + { + "platform": "", + "version_value": "13.3 prior to 13.3.3p0-1" + }, + { + "platform": "", + "version_value": "14.3 prior to 14.3.2" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kb.juniper.net/JSA10767", - "refsource" : "CONFIRM", - "url" : "https://kb.juniper.net/JSA10767" - }, - { - "name" : "93533", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93533" - }, - { - "name" : "1037012", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037012" - } - ] - }, - "solution" : "JUNOSe releases containing the fix specifically include: 10.3.3p0-15, 12.3.3p0-6, 13.3.3p0-1, 14.3.2, 15.1.0, and all subsequent releases. Hotfixes are also available upon request.\n\nThis issue is being tracked as CQ 97413 and is visible on the Customer Support website.", - "work_around" : [ - { - "lang" : "eng", - "value" : "No known workaround exists for this issue." - } - ] -} + } + }, + "configuration": [ + { + "lang": "eng", + "value": "This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability." + } + ], + "credit": [], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. The line card will reboot and recover without user interaction. However, additional specifically malformed packets may cause follow-on line card resets and lead to an extended service outage. This issue only affects E Series routers with IPv6 licensed and enabled. Routers not configured to process IPv6 traffic are unaffected by this vulnerability. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue." + } + ] + }, + "exploit": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.", + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA10767", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA10767" + }, + { + "name": "1037012", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037012" + }, + { + "name": "93533", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93533" + } + ] + }, + "solution": "JUNOSe releases containing the fix specifically include: 10.3.3p0-15, 12.3.3p0-6, 13.3.3p0-1, 14.3.2, 15.1.0, and all subsequent releases. Hotfixes are also available upon request.\n\nThis issue is being tracked as CQ 97413 and is visible on the Customer Support website.", + "work_around": [ + { + "lang": "eng", + "value": "No known workaround exists for this issue." + } + ] +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9082.json b/2016/9xxx/CVE-2016-9082.json index 9366a276b56..cff53a3fbdd 100644 --- a/2016/9xxx/CVE-2016-9082.json +++ b/2016/9xxx/CVE-2016-9082.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9082", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9082", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161027 Re: librsvg and cairo are causing libpng to write out-of-bounds", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/10/27/2" - }, - { - "name" : "https://bugs.freedesktop.org/attachment.cgi?id=127421", - "refsource" : "CONFIRM", - "url" : "https://bugs.freedesktop.org/attachment.cgi?id=127421" - }, - { - "name" : "https://bugs.freedesktop.org/show_bug.cgi?id=98165", - "refsource" : "CONFIRM", - "url" : "https://bugs.freedesktop.org/show_bug.cgi?id=98165" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1312337", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1312337" - }, - { - "name" : "93931", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93931" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1312337", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1312337" + }, + { + "name": "https://bugs.freedesktop.org/show_bug.cgi?id=98165", + "refsource": "CONFIRM", + "url": "https://bugs.freedesktop.org/show_bug.cgi?id=98165" + }, + { + "name": "93931", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93931" + }, + { + "name": "[oss-security] 20161027 Re: librsvg and cairo are causing libpng to write out-of-bounds", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/10/27/2" + }, + { + "name": "https://bugs.freedesktop.org/attachment.cgi?id=127421", + "refsource": "CONFIRM", + "url": "https://bugs.freedesktop.org/attachment.cgi?id=127421" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9226.json b/2016/9xxx/CVE-2016-9226.json index a5dfd14015d..a51a9441725 100644 --- a/2016/9xxx/CVE-2016-9226.json +++ b/2016/9xxx/CVE-2016-9226.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9226", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9226", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9275.json b/2016/9xxx/CVE-2016-9275.json index 02ef846ea0b..8b771f936a3 100644 --- a/2016/9xxx/CVE-2016-9275.json +++ b/2016/9xxx/CVE-2016-9275.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9275", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the _dwarf_skim_forms function in libdwarf/dwarf_macro5.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9275", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161111 Re: libdwarf: heap-based buffer overflow in _dwarf_skim_forms (dwarf_macro5.c)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/11/7" - }, - { - "name" : "https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-_dwarf_skim_forms-dwarf_macro5-c", - "refsource" : "MISC", - "url" : "https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-_dwarf_skim_forms-dwarf_macro5-c" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1394802", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1394802" - }, - { - "name" : "https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/", - "refsource" : "CONFIRM", - "url" : "https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/" - }, - { - "name" : "94284", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94284" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the _dwarf_skim_forms function in libdwarf/dwarf_macro5.c in Libdwarf before 20161124 allows remote attackers to cause a denial of service (out-of-bounds read)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20161111 Re: libdwarf: heap-based buffer overflow in _dwarf_skim_forms (dwarf_macro5.c)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/11/7" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1394802", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1394802" + }, + { + "name": "https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-_dwarf_skim_forms-dwarf_macro5-c", + "refsource": "MISC", + "url": "https://blogs.gentoo.org/ago/2016/11/07/libdwarf-heap-based-buffer-overflow-in-_dwarf_skim_forms-dwarf_macro5-c" + }, + { + "name": "https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/", + "refsource": "CONFIRM", + "url": "https://sourceforge.net/p/libdwarf/code/ci/583f8834083b5ef834c497f5b47797e16101a9a6/" + }, + { + "name": "94284", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94284" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9507.json b/2016/9xxx/CVE-2016-9507.json index 1b27651838c..cb1aaf1c020 100644 --- a/2016/9xxx/CVE-2016-9507.json +++ b/2016/9xxx/CVE-2016-9507.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9507", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9507", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9703.json b/2016/9xxx/CVE-2016-9703.json index 76591a57082..e5811237eb6 100644 --- a/2016/9xxx/CVE-2016-9703.json +++ b/2016/9xxx/CVE-2016-9703.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-9703", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Identity Manager", - "version" : { - "version_data" : [ - { - "version_value" : "6.0" - }, - { - "version_value" : "5.0" - }, - { - "version_value" : "5.1" - }, - { - "version_value" : "6" - }, - { - "version_value" : "7.0" - }, - { - "version_value" : "7" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-9703", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Identity Manager", + "version": { + "version_data": [ + { + "version_value": "6.0" + }, + { + "version_value": "5.0" + }, + { + "version_value": "5.1" + }, + { + "version_value": "6" + }, + { + "version_value": "7.0" + }, + { + "version_value": "7" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21996761", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21996761" - }, - { - "name" : "95327", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95327" - }, - { - "name" : "1037765", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037765" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95327", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95327" + }, + { + "name": "1037765", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037765" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21996761", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21996761" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2053.json b/2019/2xxx/CVE-2019-2053.json index 80e1868cbbb..353286d5452 100644 --- a/2019/2xxx/CVE-2019-2053.json +++ b/2019/2xxx/CVE-2019-2053.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2053", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2053", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2432.json b/2019/2xxx/CVE-2019-2432.json index e654a58c1f1..503d93c896c 100644 --- a/2019/2xxx/CVE-2019-2432.json +++ b/2019/2xxx/CVE-2019-2432.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2019-2432", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Argus Safety", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "8.1" - }, - { - "version_affected" : "=", - "version_value" : "8.2" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Login). Supported versions that are affected are 8.1 and 8.2. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus Safety. While the vulnerability is in Oracle Argus Safety, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Argus Safety accessible data as well as unauthorized read access to a subset of Oracle Argus Safety accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus Safety. While the vulnerability is in Oracle Argus Safety, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Argus Safety accessible data as well as unauthorized read access to a subset of Oracle Argus Safety accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2019-2432", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Argus Safety", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "8.1" + }, + { + "version_affected": "=", + "version_value": "8.2" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "106599", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106599" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Login). Supported versions that are affected are 8.1 and 8.2. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus Safety. While the vulnerability is in Oracle Argus Safety, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Argus Safety accessible data as well as unauthorized read access to a subset of Oracle Argus Safety accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Argus Safety. While the vulnerability is in Oracle Argus Safety, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Argus Safety accessible data as well as unauthorized read access to a subset of Oracle Argus Safety accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "name": "106599", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106599" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2537.json b/2019/2xxx/CVE-2019-2537.json index e5437698ca9..dabecc0a2e6 100644 --- a/2019/2xxx/CVE-2019-2537.json +++ b/2019/2xxx/CVE-2019-2537.json @@ -1,91 +1,91 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2019-2537", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "MySQL Server", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "5.6.42 and prior" - }, - { - "version_affected" : "=", - "version_value" : "5.7.24 and prior" - }, - { - "version_affected" : "=", - "version_value" : "8.0.13 and prior" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2019-2537", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "MySQL Server", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "5.6.42 and prior" + }, + { + "version_affected": "=", + "version_value": "5.7.24 and prior" + }, + { + "version_affected": "=", + "version_value": "8.0.13 and prior" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190201 [SECURITY] [DLA 1655-1] mariadb-10.0 security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20190118-0002/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20190118-0002/" - }, - { - "name" : "USN-3867-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3867-1/" - }, - { - "name" : "106619", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106619" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106619", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106619" + }, + { + "name": "[debian-lts-announce] 20190201 [SECURITY] [DLA 1655-1] mariadb-10.0 security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00000.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "name": "USN-3867-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3867-1/" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20190118-0002/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20190118-0002/" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2758.json b/2019/2xxx/CVE-2019-2758.json index d61e163328e..adcbd369eca 100644 --- a/2019/2xxx/CVE-2019-2758.json +++ b/2019/2xxx/CVE-2019-2758.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2758", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2758", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3023.json b/2019/3xxx/CVE-2019-3023.json index 0c699e91f8b..188b4fa53e9 100644 --- a/2019/3xxx/CVE-2019-3023.json +++ b/2019/3xxx/CVE-2019-3023.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3023", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3023", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3125.json b/2019/3xxx/CVE-2019-3125.json index 3c90b687c36..258efeb571d 100644 --- a/2019/3xxx/CVE-2019-3125.json +++ b/2019/3xxx/CVE-2019-3125.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3125", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3125", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3173.json b/2019/3xxx/CVE-2019-3173.json index 8358347953f..8fdf5328779 100644 --- a/2019/3xxx/CVE-2019-3173.json +++ b/2019/3xxx/CVE-2019-3173.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3173", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3173", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3657.json b/2019/3xxx/CVE-2019-3657.json index 6dc25b76457..da042d7cd68 100644 --- a/2019/3xxx/CVE-2019-3657.json +++ b/2019/3xxx/CVE-2019-3657.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3657", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3657", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3750.json b/2019/3xxx/CVE-2019-3750.json index cde678a4023..d401f5ac46d 100644 --- a/2019/3xxx/CVE-2019-3750.json +++ b/2019/3xxx/CVE-2019-3750.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3750", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3750", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6385.json b/2019/6xxx/CVE-2019-6385.json index a6828c0d1bc..993e43a67c2 100644 --- a/2019/6xxx/CVE-2019-6385.json +++ b/2019/6xxx/CVE-2019-6385.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6385", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6385", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6407.json b/2019/6xxx/CVE-2019-6407.json index 210099fb333..f3c43624570 100644 --- a/2019/6xxx/CVE-2019-6407.json +++ b/2019/6xxx/CVE-2019-6407.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6407", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6407", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6436.json b/2019/6xxx/CVE-2019-6436.json index ff97c9bf0c9..9b0561aa87c 100644 --- a/2019/6xxx/CVE-2019-6436.json +++ b/2019/6xxx/CVE-2019-6436.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6436", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6436", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6993.json b/2019/6xxx/CVE-2019-6993.json index d7e6f2052eb..10d78ad7f48 100644 --- a/2019/6xxx/CVE-2019-6993.json +++ b/2019/6xxx/CVE-2019-6993.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6993", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6993", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7051.json b/2019/7xxx/CVE-2019-7051.json index efb89a76ce3..71e5bcba282 100644 --- a/2019/7xxx/CVE-2019-7051.json +++ b/2019/7xxx/CVE-2019-7051.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7051", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7051", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7233.json b/2019/7xxx/CVE-2019-7233.json index 427051021c6..9b851c869f8 100644 --- a/2019/7xxx/CVE-2019-7233.json +++ b/2019/7xxx/CVE-2019-7233.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7233", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7233", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/uvoteam/libdoc/issues/6", - "refsource" : "MISC", - "url" : "https://github.com/uvoteam/libdoc/issues/6" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/uvoteam/libdoc/issues/6", + "refsource": "MISC", + "url": "https://github.com/uvoteam/libdoc/issues/6" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7427.json b/2019/7xxx/CVE-2019-7427.json index 65e6c71ab8e..02e917d08f7 100644 --- a/2019/7xxx/CVE-2019-7427.json +++ b/2019/7xxx/CVE-2019-7427.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7427", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7427", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7729.json b/2019/7xxx/CVE-2019-7729.json index 0083daaf2d5..40c66ddf63a 100644 --- a/2019/7xxx/CVE-2019-7729.json +++ b/2019/7xxx/CVE-2019-7729.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7729", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to setting of insecure permissions, a malicious app could potentially succeed in retrieving video clips or still images that have been cached for clip sharing. (The Bosch Smart Home App is not affected. iOS Apps are not affected.)" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7729", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://psirt.bosch.com/Advisory/BOSCH-2019-0204.html", - "refsource" : "CONFIRM", - "url" : "https://psirt.bosch.com/Advisory/BOSCH-2019-0204.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Bosch Smart Camera App before 1.3.1 for Android. Due to setting of insecure permissions, a malicious app could potentially succeed in retrieving video clips or still images that have been cached for clip sharing. (The Bosch Smart Home App is not affected. iOS Apps are not affected.)" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://psirt.bosch.com/Advisory/BOSCH-2019-0204.html", + "refsource": "CONFIRM", + "url": "https://psirt.bosch.com/Advisory/BOSCH-2019-0204.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8473.json b/2019/8xxx/CVE-2019-8473.json index 256ee7a1f2c..79a2540b533 100644 --- a/2019/8xxx/CVE-2019-8473.json +++ b/2019/8xxx/CVE-2019-8473.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8473", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8473", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8506.json b/2019/8xxx/CVE-2019-8506.json index 72f23406dac..d6701f5ee86 100644 --- a/2019/8xxx/CVE-2019-8506.json +++ b/2019/8xxx/CVE-2019-8506.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8506", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8506", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8996.json b/2019/8xxx/CVE-2019-8996.json index 53e5ea2cfa3..cd046a49836 100644 --- a/2019/8xxx/CVE-2019-8996.json +++ b/2019/8xxx/CVE-2019-8996.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8996", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8996", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://help.signiant.com/manager-agents/installation/release-notes/", - "refsource" : "MISC", - "url" : "https://help.signiant.com/manager-agents/installation/release-notes/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://help.signiant.com/manager-agents/installation/release-notes/", + "refsource": "MISC", + "url": "https://help.signiant.com/manager-agents/installation/release-notes/" + } + ] + } +} \ No newline at end of file