From df0fdd01d7fb9e4f8fd68f95f96c30b61b74c343 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 02:56:27 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0622.json | 130 ++++----- 2007/0xxx/CVE-2007-0865.json | 170 ++++++------ 2007/0xxx/CVE-2007-0901.json | 160 +++++------ 2007/0xxx/CVE-2007-0990.json | 34 +-- 2007/1xxx/CVE-2007-1336.json | 34 +-- 2007/1xxx/CVE-2007-1481.json | 160 +++++------ 2007/3xxx/CVE-2007-3261.json | 180 ++++++------- 2007/3xxx/CVE-2007-3356.json | 190 ++++++------- 2007/3xxx/CVE-2007-3401.json | 170 ++++++------ 2007/3xxx/CVE-2007-3578.json | 160 +++++------ 2007/3xxx/CVE-2007-3783.json | 190 ++++++------- 2007/3xxx/CVE-2007-3880.json | 190 ++++++------- 2007/3xxx/CVE-2007-3976.json | 150 +++++------ 2007/4xxx/CVE-2007-4339.json | 180 ++++++------- 2007/4xxx/CVE-2007-4390.json | 190 ++++++------- 2007/4xxx/CVE-2007-4820.json | 150 +++++------ 2007/4xxx/CVE-2007-4962.json | 170 ++++++------ 2014/5xxx/CVE-2014-5637.json | 140 +++++----- 2015/2xxx/CVE-2015-2628.json | 310 ++++++++++----------- 2015/2xxx/CVE-2015-2725.json | 350 ++++++++++++------------ 2015/6xxx/CVE-2015-6246.json | 220 +++++++-------- 2015/6xxx/CVE-2015-6352.json | 140 +++++----- 2015/6xxx/CVE-2015-6826.json | 160 +++++------ 2015/6xxx/CVE-2015-6849.json | 130 ++++----- 2015/6xxx/CVE-2015-6897.json | 34 +-- 2015/6xxx/CVE-2015-6973.json | 160 +++++------ 2015/7xxx/CVE-2015-7355.json | 34 +-- 2015/7xxx/CVE-2015-7647.json | 180 ++++++------- 2015/7xxx/CVE-2015-7650.json | 130 ++++----- 2015/7xxx/CVE-2015-7732.json | 120 ++++----- 2016/0xxx/CVE-2016-0012.json | 130 ++++----- 2016/0xxx/CVE-2016-0373.json | 418 ++++++++++++++--------------- 2016/1000xxx/CVE-2016-1000271.json | 126 ++++----- 2016/10xxx/CVE-2016-10002.json | 180 ++++++------- 2016/10xxx/CVE-2016-10117.json | 130 ++++----- 2016/10xxx/CVE-2016-10200.json | 220 +++++++-------- 2016/4xxx/CVE-2016-4012.json | 34 +-- 2016/4xxx/CVE-2016-4039.json | 34 +-- 2019/2xxx/CVE-2019-2555.json | 140 +++++----- 2019/2xxx/CVE-2019-2709.json | 34 +-- 2019/3xxx/CVE-2019-3022.json | 34 +-- 2019/3xxx/CVE-2019-3101.json | 34 +-- 2019/3xxx/CVE-2019-3143.json | 34 +-- 2019/3xxx/CVE-2019-3260.json | 34 +-- 2019/3xxx/CVE-2019-3383.json | 34 +-- 2019/4xxx/CVE-2019-4703.json | 34 +-- 2019/6xxx/CVE-2019-6055.json | 34 +-- 2019/6xxx/CVE-2019-6639.json | 34 +-- 2019/6xxx/CVE-2019-6692.json | 34 +-- 2019/6xxx/CVE-2019-6725.json | 34 +-- 2019/7xxx/CVE-2019-7153.json | 120 ++++----- 2019/7xxx/CVE-2019-7281.json | 34 +-- 2019/7xxx/CVE-2019-7336.json | 120 ++++----- 2019/7xxx/CVE-2019-7529.json | 34 +-- 2019/8xxx/CVE-2019-8072.json | 34 +-- 2019/8xxx/CVE-2019-8081.json | 34 +-- 2019/8xxx/CVE-2019-8714.json | 34 +-- 2019/8xxx/CVE-2019-8898.json | 34 +-- 2019/9xxx/CVE-2019-9109.json | 130 ++++----- 2019/9xxx/CVE-2019-9380.json | 34 +-- 2019/9xxx/CVE-2019-9674.json | 34 +-- 2019/9xxx/CVE-2019-9701.json | 34 +-- 62 files changed, 3589 insertions(+), 3589 deletions(-) diff --git a/2007/0xxx/CVE-2007-0622.json b/2007/0xxx/CVE-2007-0622.json index 56995d1a05b..b8b50e9b488 100644 --- a/2007/0xxx/CVE-2007-0622.json +++ b/2007/0xxx/CVE-2007-0622.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0622", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in MyBB (aka MyBulletinBoard) 1.2.2 allows remote attackers to send messages to arbitrary users. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0622", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "32968", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32968" - }, - { - "name" : "23934", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23934" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in MyBB (aka MyBulletinBoard) 1.2.2 allows remote attackers to send messages to arbitrary users. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23934", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23934" + }, + { + "name": "32968", + "refsource": "OSVDB", + "url": "http://osvdb.org/32968" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0865.json b/2007/0xxx/CVE-2007-0865.json index 914c19c01a9..150626056f0 100644 --- a/2007/0xxx/CVE-2007-0865.json +++ b/2007/0xxx/CVE-2007-0865.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0865", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in comments.php in LushiNews 1.01 and earlier allows remote authenticated users to inject arbitrary SQL commands via the id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0865", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3287", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3287" - }, - { - "name" : "22469", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22469" - }, - { - "name" : "ADV-2007-0539", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0539" - }, - { - "name" : "33134", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33134" - }, - { - "name" : "24081", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24081" - }, - { - "name" : "lushinews-comments-sql-injection(32360)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32360" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in comments.php in LushiNews 1.01 and earlier allows remote authenticated users to inject arbitrary SQL commands via the id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3287", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3287" + }, + { + "name": "lushinews-comments-sql-injection(32360)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32360" + }, + { + "name": "22469", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22469" + }, + { + "name": "24081", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24081" + }, + { + "name": "ADV-2007-0539", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0539" + }, + { + "name": "33134", + "refsource": "OSVDB", + "url": "http://osvdb.org/33134" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0901.json b/2007/0xxx/CVE-2007-0901.json index 0f358485827..371800150eb 100644 --- a/2007/0xxx/CVE-2007-0901.json +++ b/2007/0xxx/CVE-2007-0901.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0901", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Info pages in MoinMoin 1.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) hitcounts and (2) general parameters, different vectors than CVE-2007-0857. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0901", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "USN-423-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-423-1" - }, - { - "name" : "22515", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22515" - }, - { - "name" : "33172", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33172" - }, - { - "name" : "24138", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24138" - }, - { - "name" : "24244", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24244" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Info pages in MoinMoin 1.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) hitcounts and (2) general parameters, different vectors than CVE-2007-0857. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24138", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24138" + }, + { + "name": "33172", + "refsource": "OSVDB", + "url": "http://osvdb.org/33172" + }, + { + "name": "USN-423-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-423-1" + }, + { + "name": "22515", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22515" + }, + { + "name": "24244", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24244" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0990.json b/2007/0xxx/CVE-2007-0990.json index b78def513ac..600698c4f3f 100644 --- a/2007/0xxx/CVE-2007-0990.json +++ b/2007/0xxx/CVE-2007-0990.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0990", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-0990", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1336.json b/2007/1xxx/CVE-2007-1336.json index a348b84abe5..90a7e84f7eb 100644 --- a/2007/1xxx/CVE-2007-1336.json +++ b/2007/1xxx/CVE-2007-1336.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1336", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1336", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1481.json b/2007/1xxx/CVE-2007-1481.json index b47646c1580..2e291598040 100644 --- a/2007/1xxx/CVE-2007-1481.json +++ b/2007/1xxx/CVE-2007-1481.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1481", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in WBBlog allows remote attackers to execute arbitrary SQL commands via the e_id parameter in a viewentry cmd." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1481", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3490", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3490" - }, - { - "name" : "22998", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22998" - }, - { - "name" : "ADV-2007-1001", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1001" - }, - { - "name" : "24532", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24532" - }, - { - "name" : "wbblog-viewentry-sql-injection(33010)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33010" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in WBBlog allows remote attackers to execute arbitrary SQL commands via the e_id parameter in a viewentry cmd." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3490", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3490" + }, + { + "name": "ADV-2007-1001", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1001" + }, + { + "name": "24532", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24532" + }, + { + "name": "wbblog-viewentry-sql-injection(33010)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33010" + }, + { + "name": "22998", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22998" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3261.json b/2007/3xxx/CVE-2007-3261.json index 8e746d79391..13a2ce1ad81 100644 --- a/2007/3xxx/CVE-2007-3261.json +++ b/2007/3xxx/CVE-2007-3261.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3261", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in widgets/widget_search.php in dKret before 2.6 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3261", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://dkret.svn.sourceforge.net/viewvc/dkret/trunk/widgets/widget_search.php?r1=275&r2=281", - "refsource" : "CONFIRM", - "url" : "http://dkret.svn.sourceforge.net/viewvc/dkret/trunk/widgets/widget_search.php?r1=275&r2=281" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=516770&group_id=185847", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=516770&group_id=185847" - }, - { - "name" : "24518", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24518" - }, - { - "name" : "ADV-2007-2243", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2243" - }, - { - "name" : "36373", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36373" - }, - { - "name" : "25731", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25731" - }, - { - "name" : "dkret-widgetsearch-xss(34930)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34930" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in widgets/widget_search.php in dKret before 2.6 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (PHP_SELF)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=516770&group_id=185847", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=516770&group_id=185847" + }, + { + "name": "24518", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24518" + }, + { + "name": "http://dkret.svn.sourceforge.net/viewvc/dkret/trunk/widgets/widget_search.php?r1=275&r2=281", + "refsource": "CONFIRM", + "url": "http://dkret.svn.sourceforge.net/viewvc/dkret/trunk/widgets/widget_search.php?r1=275&r2=281" + }, + { + "name": "dkret-widgetsearch-xss(34930)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34930" + }, + { + "name": "25731", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25731" + }, + { + "name": "36373", + "refsource": "OSVDB", + "url": "http://osvdb.org/36373" + }, + { + "name": "ADV-2007-2243", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2243" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3356.json b/2007/3xxx/CVE-2007-3356.json index a0043d006f0..3102863b4ba 100644 --- a/2007/3xxx/CVE-2007-3356.json +++ b/2007/3xxx/CVE-2007-3356.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3356", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NetClassifieds Premium Edition allows remote attackers to obtain sensitive information via certain requests that reveal the path in an error message, related to the display_errors setting in (1) Common.php and (2) imageresizer.php, and (3) the use of __FILE__ in error reporting by imageresizer.php; and (4) via certain requests that reveal the table name and complete query, related to the Halt_On_Error setting in Mysql_db.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3356", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070621 NetClassifieds [multiple vulnerabilities]", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471944/100/0/threaded" - }, - { - "name" : "24584", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24584" - }, - { - "name" : "38564", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38564" - }, - { - "name" : "38565", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38565" - }, - { - "name" : "38566", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38566" - }, - { - "name" : "38567", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38567" - }, - { - "name" : "2824", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2824" - }, - { - "name" : "netclassifieds-multi-information-disclosure(34997)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34997" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NetClassifieds Premium Edition allows remote attackers to obtain sensitive information via certain requests that reveal the path in an error message, related to the display_errors setting in (1) Common.php and (2) imageresizer.php, and (3) the use of __FILE__ in error reporting by imageresizer.php; and (4) via certain requests that reveal the table name and complete query, related to the Halt_On_Error setting in Mysql_db.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070621 NetClassifieds [multiple vulnerabilities]", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471944/100/0/threaded" + }, + { + "name": "netclassifieds-multi-information-disclosure(34997)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34997" + }, + { + "name": "24584", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24584" + }, + { + "name": "38565", + "refsource": "OSVDB", + "url": "http://osvdb.org/38565" + }, + { + "name": "38566", + "refsource": "OSVDB", + "url": "http://osvdb.org/38566" + }, + { + "name": "38567", + "refsource": "OSVDB", + "url": "http://osvdb.org/38567" + }, + { + "name": "2824", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2824" + }, + { + "name": "38564", + "refsource": "OSVDB", + "url": "http://osvdb.org/38564" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3401.json b/2007/3xxx/CVE-2007-3401.json index a9f1e8eec16..8c8e3c17abd 100644 --- a/2007/3xxx/CVE-2007-3401.json +++ b/2007/3xxx/CVE-2007-3401.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3401", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB 2.24 allows remote attackers to execute arbitrary PHP code via a URL in the tfooter parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3401", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4102", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4102" - }, - { - "name" : "24624", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24624" - }, - { - "name" : "ADV-2007-2321", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2321" - }, - { - "name" : "36291", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36291" - }, - { - "name" : "25837", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25837" - }, - { - "name" : "b1gbb-footerinc-file-include(35035)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35035" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in footer.inc.php in B1G b1gBB 2.24 allows remote attackers to execute arbitrary PHP code via a URL in the tfooter parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25837", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25837" + }, + { + "name": "b1gbb-footerinc-file-include(35035)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35035" + }, + { + "name": "ADV-2007-2321", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2321" + }, + { + "name": "24624", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24624" + }, + { + "name": "4102", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4102" + }, + { + "name": "36291", + "refsource": "OSVDB", + "url": "http://osvdb.org/36291" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3578.json b/2007/3xxx/CVE-2007-3578.json index ce45cc53e83..0da139cc48e 100644 --- a/2007/3xxx/CVE-2007-3578.json +++ b/2007/3xxx/CVE-2007-3578.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3578", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHPIDS before 20070703 does not properly handle (1) arithmetic expressions and (2) unclosed comments, which allows remote attackers to inject arbitrary web script." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3578", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sla.ckers.org/forum/read.php?2,13209,13218", - "refsource" : "MISC", - "url" : "http://sla.ckers.org/forum/read.php?2,13209,13218" - }, - { - "name" : "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0", - "refsource" : "CONFIRM", - "url" : "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0" - }, - { - "name" : "45757", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45757" - }, - { - "name" : "45758", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45758" - }, - { - "name" : "phpids-arithmetic-unclosed-xss(35519)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35519" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHPIDS before 20070703 does not properly handle (1) arithmetic expressions and (2) unclosed comments, which allows remote attackers to inject arbitrary web script." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45757", + "refsource": "OSVDB", + "url": "http://osvdb.org/45757" + }, + { + "name": "http://sla.ckers.org/forum/read.php?2,13209,13218", + "refsource": "MISC", + "url": "http://sla.ckers.org/forum/read.php?2,13209,13218" + }, + { + "name": "45758", + "refsource": "OSVDB", + "url": "http://osvdb.org/45758" + }, + { + "name": "phpids-arithmetic-unclosed-xss(35519)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35519" + }, + { + "name": "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0", + "refsource": "CONFIRM", + "url": "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3783.json b/2007/3xxx/CVE-2007-3783.json index 894e1173464..89e941f6932 100644 --- a/2007/3xxx/CVE-2007-3783.json +++ b/2007/3xxx/CVE-2007-3783.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3783", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in default.asp in enVivo!CMS allows remote attackers to execute arbitrary SQL commands via the ID parameter in an article action. NOTE: this is probably different from CVE-2005-1413.4." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3783", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070711 durito: enVivo!CMS SQL injection", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473355/100/0/threaded" - }, - { - "name" : "20070711 durito: enVivo!CMS SQL injection", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064555.html" - }, - { - "name" : "http://securityvulns.ru/Rdocument425.html", - "refsource" : "MISC", - "url" : "http://securityvulns.ru/Rdocument425.html" - }, - { - "name" : "ADV-2007-2503", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2503" - }, - { - "name" : "36246", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36246" - }, - { - "name" : "26020", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26020" - }, - { - "name" : "2897", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2897" - }, - { - "name" : "envivocms-default-sql-injection(35342)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35342" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in default.asp in enVivo!CMS allows remote attackers to execute arbitrary SQL commands via the ID parameter in an article action. NOTE: this is probably different from CVE-2005-1413.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "envivocms-default-sql-injection(35342)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35342" + }, + { + "name": "2897", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2897" + }, + { + "name": "36246", + "refsource": "OSVDB", + "url": "http://osvdb.org/36246" + }, + { + "name": "26020", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26020" + }, + { + "name": "20070711 durito: enVivo!CMS SQL injection", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064555.html" + }, + { + "name": "20070711 durito: enVivo!CMS SQL injection", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473355/100/0/threaded" + }, + { + "name": "http://securityvulns.ru/Rdocument425.html", + "refsource": "MISC", + "url": "http://securityvulns.ru/Rdocument425.html" + }, + { + "name": "ADV-2007-2503", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2503" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3880.json b/2007/3xxx/CVE-2007-3880.json index 84949727ed4..a89e13edfa7 100644 --- a/2007/3xxx/CVE-2007-3880.json +++ b/2007/3xxx/CVE-2007-3880.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3880", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3880", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071102 Sun Microsystems Solaris srsexec Format String Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=610" - }, - { - "name" : "103119", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103119-1" - }, - { - "name" : "200581", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200581-1" - }, - { - "name" : "26313", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26313" - }, - { - "name" : "ADV-2007-3711", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3711" - }, - { - "name" : "40836", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40836" - }, - { - "name" : "1018893", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018893" - }, - { - "name" : "27512", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27512" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in srsexec in Sun Remote Services (SRS) Net Connect 3.2.3 and 3.2.4, as distributed in the SRS Proxy Core (SUNWsrspx) package, allows local users to gain privileges via format string specifiers in unspecified input that is logged through syslog." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "103119", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103119-1" + }, + { + "name": "40836", + "refsource": "OSVDB", + "url": "http://osvdb.org/40836" + }, + { + "name": "1018893", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018893" + }, + { + "name": "26313", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26313" + }, + { + "name": "ADV-2007-3711", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3711" + }, + { + "name": "27512", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27512" + }, + { + "name": "200581", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200581-1" + }, + { + "name": "20071102 Sun Microsystems Solaris srsexec Format String Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=610" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3976.json b/2007/3xxx/CVE-2007-3976.json index cd03a8f8a5b..2b7e8750bd8 100644 --- a/2007/3xxx/CVE-2007-3976.json +++ b/2007/3xxx/CVE-2007-3976.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3976", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in bwired allows remote attackers to execute arbitrary SQL commands via the newsID parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3976", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4213", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4213" - }, - { - "name" : "ADV-2007-2612", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2612" - }, - { - "name" : "39135", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39135" - }, - { - "name" : "bwired-index-sql-injection(35540)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35540" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in bwired allows remote attackers to execute arbitrary SQL commands via the newsID parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4213", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4213" + }, + { + "name": "ADV-2007-2612", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2612" + }, + { + "name": "39135", + "refsource": "OSVDB", + "url": "http://osvdb.org/39135" + }, + { + "name": "bwired-index-sql-injection(35540)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35540" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4339.json b/2007/4xxx/CVE-2007-4339.json index ac201efb816..53bd5dbe1ad 100644 --- a/2007/4xxx/CVE-2007-4339.json +++ b/2007/4xxx/CVE-2007-4339.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4339", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter in (1) poll.php and (2) pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable extraction error in functions.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4339", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070812 PHPCentral Poll Script Remote Command Execution Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476261/100/0/threaded" - }, - { - "name" : "20070820 Re: PHPCentral Poll Script Remote Command Execution Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/477179/100/0/threaded" - }, - { - "name" : "ADV-2007-2878", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2878" - }, - { - "name" : "36418", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36418" - }, - { - "name" : "36419", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36419" - }, - { - "name" : "26434", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26434" - }, - { - "name" : "3008", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3008" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter in (1) poll.php and (2) pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable extraction error in functions.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070820 Re: PHPCentral Poll Script Remote Command Execution Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/477179/100/0/threaded" + }, + { + "name": "26434", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26434" + }, + { + "name": "20070812 PHPCentral Poll Script Remote Command Execution Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476261/100/0/threaded" + }, + { + "name": "ADV-2007-2878", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2878" + }, + { + "name": "3008", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3008" + }, + { + "name": "36418", + "refsource": "OSVDB", + "url": "http://osvdb.org/36418" + }, + { + "name": "36419", + "refsource": "OSVDB", + "url": "http://osvdb.org/36419" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4390.json b/2007/4xxx/CVE-2007-4390.json index 6791af97d30..56866cf1998 100644 --- a/2007/4xxx/CVE-2007-4390.json +++ b/2007/4xxx/CVE-2007-4390.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4390", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Command Line Interface (CLI), aka Adonis Administration Console, on the BlueCat Networks Adonis DNS/DHCP appliance 5.0.2.8 allows local admin users to gain root privileges on the underlying operating system via shell metacharacters in a command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4390", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070816 TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476785/100/0/threaded" - }, - { - "name" : "20070820 Re: TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/477163/100/0/threaded" - }, - { - "name" : "25342", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25342" - }, - { - "name" : "39398", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39398" - }, - { - "name" : "1018584", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018584" - }, - { - "name" : "26495", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26495" - }, - { - "name" : "3025", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3025" - }, - { - "name" : "adonis-dnsdhcpcli-privilege-escalation(36082)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36082" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Command Line Interface (CLI), aka Adonis Administration Console, on the BlueCat Networks Adonis DNS/DHCP appliance 5.0.2.8 allows local admin users to gain root privileges on the underlying operating system via shell metacharacters in a command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26495", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26495" + }, + { + "name": "25342", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25342" + }, + { + "name": "adonis-dnsdhcpcli-privilege-escalation(36082)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36082" + }, + { + "name": "1018584", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018584" + }, + { + "name": "3025", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3025" + }, + { + "name": "20070816 TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476785/100/0/threaded" + }, + { + "name": "39398", + "refsource": "OSVDB", + "url": "http://osvdb.org/39398" + }, + { + "name": "20070820 Re: TS-2007-003-0: BlueCat Networks Adonis CLI root privilege escalation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/477163/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4820.json b/2007/4xxx/CVE-2007-4820.json index 29e79f4f822..edcb753fb78 100644 --- a/2007/4xxx/CVE-2007-4820.json +++ b/2007/4xxx/CVE-2007-4820.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4820", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4820", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4380", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4380" - }, - { - "name" : "25605", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25605" - }, - { - "name" : "39017", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39017" - }, - { - "name" : "sisfokampus-nmf-file-include(36533)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36533" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25605", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25605" + }, + { + "name": "39017", + "refsource": "OSVDB", + "url": "http://osvdb.org/39017" + }, + { + "name": "4380", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4380" + }, + { + "name": "sisfokampus-nmf-file-include(36533)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36533" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4962.json b/2007/4xxx/CVE-2007-4962.json index 635d108e386..d5b1e68723b 100644 --- a/2007/4xxx/CVE-2007-4962.json +++ b/2007/4xxx/CVE-2007-4962.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4962", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in WinImage 8.10 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a filename within a (1) .IMG or (2) .ISO file. NOTE: this can be leveraged for code execution by writing to a Startup folder." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4962", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070915 WinImage 8.10 vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479695/100/0/threaded" - }, - { - "name" : "25687", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25687" - }, - { - "name" : "40550", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40550" - }, - { - "name" : "26832", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26832" - }, - { - "name" : "3140", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3140" - }, - { - "name" : "winimage-imgiso-directory-traversal(36663)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36663" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in WinImage 8.10 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a filename within a (1) .IMG or (2) .ISO file. NOTE: this can be leveraged for code execution by writing to a Startup folder." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070915 WinImage 8.10 vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479695/100/0/threaded" + }, + { + "name": "40550", + "refsource": "OSVDB", + "url": "http://osvdb.org/40550" + }, + { + "name": "3140", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3140" + }, + { + "name": "winimage-imgiso-directory-traversal(36663)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36663" + }, + { + "name": "25687", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25687" + }, + { + "name": "26832", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26832" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5637.json b/2014/5xxx/CVE-2014-5637.json index 08516e88752..d7e9cf62cfe 100644 --- a/2014/5xxx/CVE-2014-5637.json +++ b/2014/5xxx/CVE-2014-5637.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5637", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Eu Sei (aka com.guilardi.eusei) application eusei_android_5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5637", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#716257", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/716257" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Eu Sei (aka com.guilardi.eusei) application eusei_android_5.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#716257", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/716257" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2628.json b/2015/2xxx/CVE-2015-2628.json index 1180ada46a4..19b2ebb64f0 100644 --- a/2015/2xxx/CVE-2015-2628.json +++ b/2015/2xxx/CVE-2015-2628.json @@ -1,157 +1,157 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2628", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2628", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "DSA-3339", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3339" - }, - { - "name" : "DSA-3316", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3316" - }, - { - "name" : "GLSA-201603-11", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-11" - }, - { - "name" : "GLSA-201603-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-14" - }, - { - "name" : "RHSA-2015:1526", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1526.html" - }, - { - "name" : "RHSA-2015:1228", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1228.html" - }, - { - "name" : "RHSA-2015:1229", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1229.html" - }, - { - "name" : "RHSA-2015:1230", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1230.html" - }, - { - "name" : "RHSA-2015:1241", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1241.html" - }, - { - "name" : "RHSA-2015:1242", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1242.html" - }, - { - "name" : "RHSA-2015:1243", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1243.html" - }, - { - "name" : "SUSE-SU-2015:1319", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html" - }, - { - "name" : "SUSE-SU-2015:1320", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html" - }, - { - "name" : "openSUSE-SU-2015:1288", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html" - }, - { - "name" : "openSUSE-SU-2015:1289", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html" - }, - { - "name" : "USN-2696-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2696-1" - }, - { - "name" : "USN-2706-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2706-1" - }, - { - "name" : "75796", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75796" - }, - { - "name" : "1032910", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032910" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:1243", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "75796", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75796" + }, + { + "name": "RHSA-2015:1229", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html" + }, + { + "name": "1032910", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032910" + }, + { + "name": "USN-2706-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2706-1" + }, + { + "name": "RHSA-2015:1526", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html" + }, + { + "name": "openSUSE-SU-2015:1289", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html" + }, + { + "name": "RHSA-2015:1228", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html" + }, + { + "name": "DSA-3316", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3316" + }, + { + "name": "GLSA-201603-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-11" + }, + { + "name": "GLSA-201603-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-14" + }, + { + "name": "USN-2696-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2696-1" + }, + { + "name": "DSA-3339", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3339" + }, + { + "name": "RHSA-2015:1242", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html" + }, + { + "name": "SUSE-SU-2015:1319", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html" + }, + { + "name": "SUSE-SU-2015:1320", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html" + }, + { + "name": "openSUSE-SU-2015:1288", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html" + }, + { + "name": "RHSA-2015:1241", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html" + }, + { + "name": "RHSA-2015:1230", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2725.json b/2015/2xxx/CVE-2015-2725.json index e6ca3203229..5661afeb38d 100644 --- a/2015/2xxx/CVE-2015-2725.json +++ b/2015/2xxx/CVE-2015-2725.json @@ -1,177 +1,177 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2725", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-2725", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-59.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-59.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1056410", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1056410" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1151650", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1151650" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1156861", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1156861" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1159321", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1159321" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1159973", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1159973" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1163359", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1163359" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1163852", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1163852" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1172076", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1172076" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1172397", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1172397" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "RHSA-2015:1455", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1455.html" - }, - { - "name" : "RHSA-2015:1207", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1207.html" - }, - { - "name" : "SUSE-SU-2015:1268", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html" - }, - { - "name" : "SUSE-SU-2015:1269", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html" - }, - { - "name" : "SUSE-SU-2015:1449", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html" - }, - { - "name" : "openSUSE-SU-2015:1229", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html" - }, - { - "name" : "USN-2656-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2656-1" - }, - { - "name" : "USN-2656-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2656-2" - }, - { - "name" : "75541", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75541" - }, - { - "name" : "1032783", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032783" - }, - { - "name" : "1032784", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032784" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:1229", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html" + }, + { + "name": "RHSA-2015:1455", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1455.html" + }, + { + "name": "SUSE-SU-2015:1268", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00033.html" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-59.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-59.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1163359", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1163359" + }, + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1159973", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1159973" + }, + { + "name": "75541", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75541" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "1032784", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032784" + }, + { + "name": "RHSA-2015:1207", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1207.html" + }, + { + "name": "SUSE-SU-2015:1269", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00034.html" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1172076", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1172076" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1151650", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1151650" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1163852", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1163852" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1159321", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1159321" + }, + { + "name": "USN-2656-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2656-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1172397", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1172397" + }, + { + "name": "SUSE-SU-2015:1449", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00021.html" + }, + { + "name": "1032783", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032783" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1056410", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1056410" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1156861", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1156861" + }, + { + "name": "USN-2656-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2656-2" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6246.json b/2015/6xxx/CVE-2015-6246.json index 5f49fc2b53b..ef384e1c86a 100644 --- a/2015/6xxx/CVE-2015-6246.json +++ b/2015/6xxx/CVE-2015-6246.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6246", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6246", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-26.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-26.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5523726e6960fe9d7e301376fd7a94599f65fd42", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5523726e6960fe9d7e301376fd7a94599f65fd42" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" - }, - { - "name" : "DSA-3367", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3367" - }, - { - "name" : "FEDORA-2015-13945", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html" - }, - { - "name" : "FEDORA-2015-13946", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html" - }, - { - "name" : "openSUSE-SU-2015:1836", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html" - }, - { - "name" : "76381", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76381" - }, - { - "name" : "1033272", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033272" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2015-13945", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168837.html" + }, + { + "name": "1033272", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033272" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11358" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5523726e6960fe9d7e301376fd7a94599f65fd42", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=5523726e6960fe9d7e301376fd7a94599f65fd42" + }, + { + "name": "76381", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76381" + }, + { + "name": "FEDORA-2015-13946", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165509.html" + }, + { + "name": "DSA-3367", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3367" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-26.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-26.html" + }, + { + "name": "openSUSE-SU-2015:1836", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6352.json b/2015/6xxx/CVE-2015-6352.json index 67b9abc9e86..45bfe651c44 100644 --- a/2015/6xxx/CVE-2015-6352.json +++ b/2015/6xxx/CVE-2015-6352.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6352", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Unified Communications Domain Manager before 10.6(1) provides different error messages for pathname access attempts depending on whether the pathname exists, which allows remote attackers to map a filesystem via a series of requests, aka Bug ID CSCut67891." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6352", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151028 Cisco Unified Communications Domain Manager URI Enumeration Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151027-ucd" - }, - { - "name" : "77341", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77341" - }, - { - "name" : "1034022", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034022" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Unified Communications Domain Manager before 10.6(1) provides different error messages for pathname access attempts depending on whether the pathname exists, which allows remote attackers to map a filesystem via a series of requests, aka Bug ID CSCut67891." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034022", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034022" + }, + { + "name": "20151028 Cisco Unified Communications Domain Manager URI Enumeration Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151027-ucd" + }, + { + "name": "77341", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77341" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6826.json b/2015/6xxx/CVE-2015-6826.json index 70f9dbb9fb7..88cdb627d21 100644 --- a/2015/6xxx/CVE-2015-6826.json +++ b/2015/6xxx/CVE-2015-6826.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6826", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted (1) RV30 or (2) RV40 RealVideo data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6826", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html" - }, - { - "name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a", - "refsource" : "CONFIRM", - "url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a" - }, - { - "name" : "http://ffmpeg.org/security.html", - "refsource" : "CONFIRM", - "url" : "http://ffmpeg.org/security.html" - }, - { - "name" : "USN-2944-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2944-1" - }, - { - "name" : "1033483", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033483" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via crafted (1) RV30 or (2) RV40 RealVideo data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a", + "refsource": "CONFIRM", + "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=3197c0aa87a3b7190e17d49e6fbc7b554e4b3f0a" + }, + { + "name": "USN-2944-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2944-1" + }, + { + "name": "[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html" + }, + { + "name": "1033483", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033483" + }, + { + "name": "http://ffmpeg.org/security.html", + "refsource": "CONFIRM", + "url": "http://ffmpeg.org/security.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6849.json b/2015/6xxx/CVE-2015-6849.json index 5a9142c783e..4785d931037 100644 --- a/2015/6xxx/CVE-2015-6849.json +++ b/2015/6xxx/CVE-2015-6849.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6849", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2015-6849", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151203 ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/bugtraq/2015/Dec/18" - }, - { - "name" : "1034287", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034287" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authentication messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034287", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034287" + }, + { + "name": "20151203 ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/bugtraq/2015/Dec/18" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6897.json b/2015/6xxx/CVE-2015-6897.json index 2aea6b4546b..9ce4020fad7 100644 --- a/2015/6xxx/CVE-2015-6897.json +++ b/2015/6xxx/CVE-2015-6897.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6897", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6897", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6973.json b/2015/6xxx/CVE-2015-6973.json index 7b93e3f2a1e..a6006f4bd71 100644 --- a/2015/6xxx/CVE-2015-6973.json +++ b/2015/6xxx/CVE-2015-6973.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6973", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via a crafted request to user-password.jsp, (2) add users via a crafted request to user-create.jsp, (3) edit server settings or (4) disable SSL on the server via a crafted request to server-props.jsp, or (5) add clients via a crafted request to plugins/clientcontrol/permitted-clients.jsp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6973", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150915 Openfire 3.10.2 CSRF Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536470/100/0/threaded" - }, - { - "name" : "38192", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38192/" - }, - { - "name" : "http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt", - "refsource" : "MISC", - "url" : "http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt" - }, - { - "name" : "http://packetstormsecurity.com/files/133554/Openfire-3.10.2-Cross-Site-Request-Forgery.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133554/Openfire-3.10.2-Cross-Site-Request-Forgery.html" - }, - { - "name" : "GLSA-201612-50", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-50" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote attackers to hijack the authentication of administrators for requests that (1) change a password via a crafted request to user-password.jsp, (2) add users via a crafted request to user-create.jsp, (3) edit server settings or (4) disable SSL on the server via a crafted request to server-props.jsp, or (5) add clients via a crafted request to plugins/clientcontrol/permitted-clients.jsp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150915 Openfire 3.10.2 CSRF Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536470/100/0/threaded" + }, + { + "name": "GLSA-201612-50", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-50" + }, + { + "name": "http://packetstormsecurity.com/files/133554/Openfire-3.10.2-Cross-Site-Request-Forgery.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133554/Openfire-3.10.2-Cross-Site-Request-Forgery.html" + }, + { + "name": "http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt", + "refsource": "MISC", + "url": "http://hyp3rlinx.altervista.org/advisories/AS-OPENFIRE-CSRF.txt" + }, + { + "name": "38192", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38192/" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7355.json b/2015/7xxx/CVE-2015-7355.json index 831bf4ea941..834aea4142d 100644 --- a/2015/7xxx/CVE-2015-7355.json +++ b/2015/7xxx/CVE-2015-7355.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7355", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7355", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7647.json b/2015/7xxx/CVE-2015-7647.json index 8273b6ca51c..2e605dbf717 100644 --- a/2015/7xxx/CVE-2015-7647.json +++ b/2015/7xxx/CVE-2015-7647.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7647", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2015-7648." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-7647", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38969", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38969/" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-27.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-27.html" - }, - { - "name" : "GLSA-201511-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201511-02" - }, - { - "name" : "RHSA-2015:2024", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2024.html" - }, - { - "name" : "RHSA-2015:1913", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1913.html" - }, - { - "name" : "77115", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77115" - }, - { - "name" : "1033850", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033850" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.255 and 19.x before 19.0.0.226 on Windows and OS X and before 11.2.202.540 on Linux allows attackers to execute arbitrary code by leveraging an unspecified \"type confusion,\" a different vulnerability than CVE-2015-7648." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:1913", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1913.html" + }, + { + "name": "38969", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38969/" + }, + { + "name": "RHSA-2015:2024", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2024.html" + }, + { + "name": "77115", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77115" + }, + { + "name": "1033850", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033850" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-27.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-27.html" + }, + { + "name": "GLSA-201511-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201511-02" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7650.json b/2015/7xxx/CVE-2015-7650.json index 527f32d0577..4545b74fcff 100644 --- a/2015/7xxx/CVE-2015-7650.json +++ b/2015/7xxx/CVE-2015-7650.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7650", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted CMAP table in a PDF document, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-7650", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-534", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-534" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (out-of-bounds read and memory corruption) via a crafted CMAP table in a PDF document, a different vulnerability than CVE-2015-6685, CVE-2015-6686, CVE-2015-6693, CVE-2015-6694, CVE-2015-6695, and CVE-2015-7622." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-534", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-534" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7732.json b/2015/7xxx/CVE-2015-7732.json index 06281f4d244..8258c82f724 100644 --- a/2015/7xxx/CVE-2015-7732.json +++ b/2015/7xxx/CVE-2015-7732.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7732", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7732", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.info-sec.ca/advisories/Avira-Mobile-Security.html", - "refsource" : "MISC", - "url" : "https://www.info-sec.ca/advisories/Avira-Mobile-Security.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.info-sec.ca/advisories/Avira-Mobile-Security.html", + "refsource": "MISC", + "url": "https://www.info-sec.ca/advisories/Avira-Mobile-Security.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0012.json b/2016/0xxx/CVE-2016-0012.json index 1a9a029699d..be875fac3e4 100644 --- a/2016/0xxx/CVE-2016-0012.json +++ b/2016/0xxx/CVE-2016-0012.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0012", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office 2016, Excel 2016, PowerPoint 2016, Visio 2016, Word 2016, and Visual Basic 6.0 Runtime allow remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka \"Microsoft Office ASLR Bypass.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0012", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-004", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-004" - }, - { - "name" : "1034651", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034651" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office 2016, Excel 2016, PowerPoint 2016, Visio 2016, Word 2016, and Visual Basic 6.0 Runtime allow remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka \"Microsoft Office ASLR Bypass.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-004", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-004" + }, + { + "name": "1034651", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034651" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0373.json b/2016/0xxx/CVE-2016-0373.json index 52de17f98b5..ed3e719119a 100644 --- a/2016/0xxx/CVE-2016-0373.json +++ b/2016/0xxx/CVE-2016-0373.json @@ -1,211 +1,211 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2016-11-14T00:00:00", - "ID" : "CVE-2016-0373", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "UrbanCode Deploy", - "version" : { - "version_data" : [ - { - "version_value" : "6.1.0.2" - }, - { - "version_value" : "6.0" - }, - { - "version_value" : "6.0.1" - }, - { - "version_value" : "6.0.1.1" - }, - { - "version_value" : "6.0.1.2" - }, - { - "version_value" : "6.0.1.3" - }, - { - "version_value" : "6.0.1.4" - }, - { - "version_value" : "6.0.1.5" - }, - { - "version_value" : "6.0.1.6" - }, - { - "version_value" : "6.1" - }, - { - "version_value" : "6.1.0.1" - }, - { - "version_value" : "6.1.0.3" - }, - { - "version_value" : "6.0.1.7" - }, - { - "version_value" : "6.0.1.8" - }, - { - "version_value" : "6.1.0.4" - }, - { - "version_value" : "6.1.1" - }, - { - "version_value" : "6.1.1.1" - }, - { - "version_value" : "6.1.1.2" - }, - { - "version_value" : "6.1.1.3" - }, - { - "version_value" : "6.1.1.4" - }, - { - "version_value" : "6.1.1.5" - }, - { - "version_value" : "6.0.1.9" - }, - { - "version_value" : "6.1.1.6" - }, - { - "version_value" : "6.1.1.7" - }, - { - "version_value" : "6.1.2" - }, - { - "version_value" : "6.0.1.10" - }, - { - "version_value" : "6.0.1.11" - }, - { - "version_value" : "6.1.1.8" - }, - { - "version_value" : "6.1.3" - }, - { - "version_value" : "6.1.3.1" - }, - { - "version_value" : "6.2" - }, - { - "version_value" : "6.2.0.1" - }, - { - "version_value" : "6.0.1.12" - }, - { - "version_value" : "6.1.3.2" - }, - { - "version_value" : "6.2.0.2" - }, - { - "version_value" : "6.2.1" - }, - { - "version_value" : "6.0.1.13" - }, - { - "version_value" : "6.2.1.1" - }, - { - "version_value" : "6.0.1.14" - }, - { - "version_value" : "6.1.3.3" - }, - { - "version_value" : "6.2.2" - }, - { - "version_value" : "6.2.2.1" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119." - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "A" : "N", - "AC" : "H", - "AV" : "N", - "C" : "L", - "I" : "N", - "PR" : "L", - "S" : "U", - "SCORE" : "3.100", - "UI" : "N" - }, - "TM" : { - "E" : "U", - "RC" : "C", - "RL" : "O" - } - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2016-11-14T00:00:00", + "ID": "CVE-2016-0373", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "UrbanCode Deploy", + "version": { + "version_data": [ + { + "version_value": "6.1.0.2" + }, + { + "version_value": "6.0" + }, + { + "version_value": "6.0.1" + }, + { + "version_value": "6.0.1.1" + }, + { + "version_value": "6.0.1.2" + }, + { + "version_value": "6.0.1.3" + }, + { + "version_value": "6.0.1.4" + }, + { + "version_value": "6.0.1.5" + }, + { + "version_value": "6.0.1.6" + }, + { + "version_value": "6.1" + }, + { + "version_value": "6.1.0.1" + }, + { + "version_value": "6.1.0.3" + }, + { + "version_value": "6.0.1.7" + }, + { + "version_value": "6.0.1.8" + }, + { + "version_value": "6.1.0.4" + }, + { + "version_value": "6.1.1" + }, + { + "version_value": "6.1.1.1" + }, + { + "version_value": "6.1.1.2" + }, + { + "version_value": "6.1.1.3" + }, + { + "version_value": "6.1.1.4" + }, + { + "version_value": "6.1.1.5" + }, + { + "version_value": "6.0.1.9" + }, + { + "version_value": "6.1.1.6" + }, + { + "version_value": "6.1.1.7" + }, + { + "version_value": "6.1.2" + }, + { + "version_value": "6.0.1.10" + }, + { + "version_value": "6.0.1.11" + }, + { + "version_value": "6.1.1.8" + }, + { + "version_value": "6.1.3" + }, + { + "version_value": "6.1.3.1" + }, + { + "version_value": "6.2" + }, + { + "version_value": "6.2.0.1" + }, + { + "version_value": "6.0.1.12" + }, + { + "version_value": "6.1.3.2" + }, + { + "version_value": "6.2.0.2" + }, + { + "version_value": "6.2.1" + }, + { + "version_value": "6.0.1.13" + }, + { + "version_value": "6.2.1.1" + }, + { + "version_value": "6.0.1.14" + }, + { + "version_value": "6.1.3.3" + }, + { + "version_value": "6.2.2" + }, + { + "version_value": "6.2.2.1" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg2C1000219", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg2C1000219" - }, - { - "name" : "ibm-ucd-cve20160373-info-disc(112119)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/112119" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119." + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "A": "N", + "AC": "H", + "AV": "N", + "C": "L", + "I": "N", + "PR": "L", + "S": "U", + "SCORE": "3.100", + "UI": "N" + }, + "TM": { + "E": "U", + "RC": "C", + "RL": "O" + } + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg2C1000219", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg2C1000219" + }, + { + "name": "ibm-ucd-cve20160373-info-disc(112119)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/112119" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000271.json b/2016/1000xxx/CVE-2016-1000271.json index 72823124b6d..6eb2311ac41 100644 --- a/2016/1000xxx/CVE-2016-1000271.json +++ b/2016/1000xxx/CVE-2016-1000271.json @@ -1,65 +1,65 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2019-02-04T11:22:33", - "DATE_REQUESTED" : "2019-02-04T11:22:33", - "ID" : "CVE-2016-1000271", - "REQUESTER" : "kurt@seifried.org", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Joomla extension DT Register", - "version" : { - "version_data" : [ - { - "version_value" : "before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5)" - } - ] - } - } - ] - }, - "vendor_name" : "Joomla extension DT Register" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in \"/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events\". This attack appears to be exploitable if the attacker can reach the web server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "SQL Injection" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "DATE_ASSIGNED": "2019-02-04T11:22:33", + "DATE_REQUESTED": "2019-02-04T11:22:33", + "ID": "CVE-2016-1000271", + "REQUESTER": "kurt@seifried.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://packetstormsecurity.com/files/140141/Joomla-DT-Register-SQL-Injection.html", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/140141/Joomla-DT-Register-SQL-Injection.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in \"/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events\". This attack appears to be exploitable if the attacker can reach the web server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://packetstormsecurity.com/files/140141/Joomla-DT-Register-SQL-Injection.html", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/140141/Joomla-DT-Register-SQL-Injection.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10002.json b/2016/10xxx/CVE-2016-10002.json index a7a1e7555d6..49cbb89fa8b 100644 --- a/2016/10xxx/CVE-2016-10002.json +++ b/2016/10xxx/CVE-2016-10002.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10002", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10002", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161217 Re: CVE Request - squid HTTP proxy multiple Information Disclosure issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/12/18/1" - }, - { - "name" : "http://www.squid-cache.org/Advisories/SQUID-2016_11.txt", - "refsource" : "CONFIRM", - "url" : "http://www.squid-cache.org/Advisories/SQUID-2016_11.txt" - }, - { - "name" : "DSA-3745", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3745" - }, - { - "name" : "RHSA-2017:0182", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0182.html" - }, - { - "name" : "RHSA-2017:0183", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0183.html" - }, - { - "name" : "94953", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94953" - }, - { - "name" : "1037513", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037513" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.squid-cache.org/Advisories/SQUID-2016_11.txt", + "refsource": "CONFIRM", + "url": "http://www.squid-cache.org/Advisories/SQUID-2016_11.txt" + }, + { + "name": "1037513", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037513" + }, + { + "name": "[oss-security] 20161217 Re: CVE Request - squid HTTP proxy multiple Information Disclosure issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/12/18/1" + }, + { + "name": "RHSA-2017:0183", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0183.html" + }, + { + "name": "RHSA-2017:0182", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0182.html" + }, + { + "name": "94953", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94953" + }, + { + "name": "DSA-3745", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3745" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10117.json b/2016/10xxx/CVE-2016-10117.json index 7042b49f2a5..5dc239e6c25 100644 --- a/2016/10xxx/CVE-2016-10117.json +++ b/2016/10xxx/CVE-2016-10117.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10117", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10117", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20170105 Re: Firejail local root exploit", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2017/01/05/4" - }, - { - "name" : "[oss-security] 20170106 Re: Firejail local root exploit", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2017/01/06/2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20170105 Re: Firejail local root exploit", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2017/01/05/4" + }, + { + "name": "[oss-security] 20170106 Re: Firejail local root exploit", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2017/01/06/2" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10200.json b/2016/10xxx/CVE-2016-10200.json index a25fd2cf34f..e9c02733648 100644 --- a/2016/10xxx/CVE-2016-10200.json +++ b/2016/10xxx/CVE-2016-10200.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10200", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-10200", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef" - }, - { - "name" : "http://source.android.com/security/bulletin/2017-03-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2017-03-01.html" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14" - }, - { - "name" : "https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef" - }, - { - "name" : "RHSA-2017:1842", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1842" - }, - { - "name" : "RHSA-2017:2077", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2077" - }, - { - "name" : "RHSA-2017:2437", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2437" - }, - { - "name" : "RHSA-2017:2444", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:2444" - }, - { - "name" : "101783", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/101783" - }, - { - "name" : "1037965", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037965" - }, - { - "name" : "1037968", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037968" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/32c231164b762dddefa13af5a0101032c70b50ef" + }, + { + "name": "1037965", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037965" + }, + { + "name": "RHSA-2017:2437", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2437" + }, + { + "name": "1037968", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037968" + }, + { + "name": "RHSA-2017:2444", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2444" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=32c231164b762dddefa13af5a0101032c70b50ef" + }, + { + "name": "http://source.android.com/security/bulletin/2017-03-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2017-03-01.html" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14" + }, + { + "name": "101783", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/101783" + }, + { + "name": "RHSA-2017:2077", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:2077" + }, + { + "name": "RHSA-2017:1842", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1842" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4012.json b/2016/4xxx/CVE-2016-4012.json index ec813023bae..1d05d1d1b35 100644 --- a/2016/4xxx/CVE-2016-4012.json +++ b/2016/4xxx/CVE-2016-4012.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4012", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4012", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4039.json b/2016/4xxx/CVE-2016-4039.json index a6a71645865..f12490f7ead 100644 --- a/2016/4xxx/CVE-2016-4039.json +++ b/2016/4xxx/CVE-2016-4039.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4039", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4039", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2555.json b/2019/2xxx/CVE-2019-2555.json index 5f4a5a63235..aa898ea571e 100644 --- a/2019/2xxx/CVE-2019-2555.json +++ b/2019/2xxx/CVE-2019-2555.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2019-2555", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "VM VirtualBox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "5.2.24" - }, - { - "version_affected" : "<", - "version_value" : "6.0.2" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2019-2555", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "VM VirtualBox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.2.24" + }, + { + "version_affected": "<", + "version_value": "6.0.2" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "106568", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106568" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "name": "106568", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106568" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2709.json b/2019/2xxx/CVE-2019-2709.json index 2dd79fdd328..7d43fc9eb94 100644 --- a/2019/2xxx/CVE-2019-2709.json +++ b/2019/2xxx/CVE-2019-2709.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2709", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2709", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3022.json b/2019/3xxx/CVE-2019-3022.json index 5e5315095b2..8c318f1a116 100644 --- a/2019/3xxx/CVE-2019-3022.json +++ b/2019/3xxx/CVE-2019-3022.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3022", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3022", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3101.json b/2019/3xxx/CVE-2019-3101.json index a88663f5995..25c35712f51 100644 --- a/2019/3xxx/CVE-2019-3101.json +++ b/2019/3xxx/CVE-2019-3101.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3101", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3101", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3143.json b/2019/3xxx/CVE-2019-3143.json index a58598e3f26..7b2ff4dadf5 100644 --- a/2019/3xxx/CVE-2019-3143.json +++ b/2019/3xxx/CVE-2019-3143.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3143", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3143", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3260.json b/2019/3xxx/CVE-2019-3260.json index 951c75f6174..b12641aff8f 100644 --- a/2019/3xxx/CVE-2019-3260.json +++ b/2019/3xxx/CVE-2019-3260.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3260", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3260", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3383.json b/2019/3xxx/CVE-2019-3383.json index 293b567b609..0d34f93435e 100644 --- a/2019/3xxx/CVE-2019-3383.json +++ b/2019/3xxx/CVE-2019-3383.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3383", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3383", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4703.json b/2019/4xxx/CVE-2019-4703.json index 6d1f303e3de..958b85beab7 100644 --- a/2019/4xxx/CVE-2019-4703.json +++ b/2019/4xxx/CVE-2019-4703.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4703", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4703", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6055.json b/2019/6xxx/CVE-2019-6055.json index 0524e9ee39d..2f3e78d953f 100644 --- a/2019/6xxx/CVE-2019-6055.json +++ b/2019/6xxx/CVE-2019-6055.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6055", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6055", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6639.json b/2019/6xxx/CVE-2019-6639.json index 3d2a154c48e..40319b341d4 100644 --- a/2019/6xxx/CVE-2019-6639.json +++ b/2019/6xxx/CVE-2019-6639.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6639", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6639", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6692.json b/2019/6xxx/CVE-2019-6692.json index 70f946ff9a4..865779d9538 100644 --- a/2019/6xxx/CVE-2019-6692.json +++ b/2019/6xxx/CVE-2019-6692.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6692", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6692", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6725.json b/2019/6xxx/CVE-2019-6725.json index 3418417dd54..698b679c63d 100644 --- a/2019/6xxx/CVE-2019-6725.json +++ b/2019/6xxx/CVE-2019-6725.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6725", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6725", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7153.json b/2019/7xxx/CVE-2019-7153.json index 3a8d7419ac4..8af15cd4152 100644 --- a/2019/7xxx/CVE-2019-7153.json +++ b/2019/7xxx/CVE-2019-7153.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7153", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7153", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/WebAssembly/binaryen/issues/1879", - "refsource" : "MISC", - "url" : "https://github.com/WebAssembly/binaryen/issues/1879" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by wasm-opt." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/WebAssembly/binaryen/issues/1879", + "refsource": "MISC", + "url": "https://github.com/WebAssembly/binaryen/issues/1879" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7281.json b/2019/7xxx/CVE-2019-7281.json index 80191b3f8e9..f22a01aacb4 100644 --- a/2019/7xxx/CVE-2019-7281.json +++ b/2019/7xxx/CVE-2019-7281.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7281", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7281", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7336.json b/2019/7xxx/CVE-2019-7336.json index ce41fa38a2c..96221011e56 100644 --- a/2019/7xxx/CVE-2019-7336.json +++ b/2019/7xxx/CVE-2019-7336.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7336", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view _monitor_filters.php contains takes in input from the user and saves it into the session, and retrieves it later (insecurely). The values of the MonitorName and Source parameters are being displayed without any output filtration being applied. This relates to the view=cycle value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7336", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/ZoneMinder/zoneminder/issues/2457", - "refsource" : "MISC", - "url" : "https://github.com/ZoneMinder/zoneminder/issues/2457" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view _monitor_filters.php contains takes in input from the user and saves it into the session, and retrieves it later (insecurely). The values of the MonitorName and Source parameters are being displayed without any output filtration being applied. This relates to the view=cycle value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ZoneMinder/zoneminder/issues/2457", + "refsource": "MISC", + "url": "https://github.com/ZoneMinder/zoneminder/issues/2457" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7529.json b/2019/7xxx/CVE-2019-7529.json index 69734ebf897..375d58ebbab 100644 --- a/2019/7xxx/CVE-2019-7529.json +++ b/2019/7xxx/CVE-2019-7529.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7529", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7529", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8072.json b/2019/8xxx/CVE-2019-8072.json index 82a5ab09610..206702b871f 100644 --- a/2019/8xxx/CVE-2019-8072.json +++ b/2019/8xxx/CVE-2019-8072.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8072", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8072", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8081.json b/2019/8xxx/CVE-2019-8081.json index 7154533d4b6..e57857e6175 100644 --- a/2019/8xxx/CVE-2019-8081.json +++ b/2019/8xxx/CVE-2019-8081.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8081", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8081", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8714.json b/2019/8xxx/CVE-2019-8714.json index aefeba4bd4d..def8355ec18 100644 --- a/2019/8xxx/CVE-2019-8714.json +++ b/2019/8xxx/CVE-2019-8714.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8714", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8714", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8898.json b/2019/8xxx/CVE-2019-8898.json index 198bb009ae3..5fb0c8168bc 100644 --- a/2019/8xxx/CVE-2019-8898.json +++ b/2019/8xxx/CVE-2019-8898.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8898", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8898", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9109.json b/2019/9xxx/CVE-2019-9109.json index 0fe220c983f..fd2b092a16b 100644 --- a/2019/9xxx/CVE-2019-9109.json +++ b/2019/9xxx/CVE-2019-9109.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9109", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "XSS exists in WUZHI CMS 4.1.0 via index.php?m=message&f=message&v=add&username=[XSS] to coreframe/app/message/message.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9109", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://gist.github.com/redeye5/57ccafea7263efec67c82b0503c72480", - "refsource" : "MISC", - "url" : "https://gist.github.com/redeye5/57ccafea7263efec67c82b0503c72480" - }, - { - "name" : "https://github.com/wuzhicms/wuzhicms/issues/172", - "refsource" : "MISC", - "url" : "https://github.com/wuzhicms/wuzhicms/issues/172" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "XSS exists in WUZHI CMS 4.1.0 via index.php?m=message&f=message&v=add&username=[XSS] to coreframe/app/message/message.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/wuzhicms/wuzhicms/issues/172", + "refsource": "MISC", + "url": "https://github.com/wuzhicms/wuzhicms/issues/172" + }, + { + "name": "https://gist.github.com/redeye5/57ccafea7263efec67c82b0503c72480", + "refsource": "MISC", + "url": "https://gist.github.com/redeye5/57ccafea7263efec67c82b0503c72480" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9380.json b/2019/9xxx/CVE-2019-9380.json index 72d1ff25777..d4940fe78fc 100644 --- a/2019/9xxx/CVE-2019-9380.json +++ b/2019/9xxx/CVE-2019-9380.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9380", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9380", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9674.json b/2019/9xxx/CVE-2019-9674.json index f391f25c808..d89e639a638 100644 --- a/2019/9xxx/CVE-2019-9674.json +++ b/2019/9xxx/CVE-2019-9674.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9674", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9674", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9701.json b/2019/9xxx/CVE-2019-9701.json index 9d43a7c6b60..4899c9209f2 100644 --- a/2019/9xxx/CVE-2019-9701.json +++ b/2019/9xxx/CVE-2019-9701.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9701", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9701", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file