From dfe827e47c1b889f6b81486912e5684fb35bf6a3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:15:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0485.json | 170 +++++++------- 2007/0xxx/CVE-2007-0873.json | 190 +++++++-------- 2007/3xxx/CVE-2007-3237.json | 170 +++++++------- 2007/3xxx/CVE-2007-3505.json | 190 +++++++-------- 2007/3xxx/CVE-2007-3580.json | 150 ++++++------ 2007/3xxx/CVE-2007-3673.json | 190 +++++++-------- 2007/4xxx/CVE-2007-4135.json | 200 ++++++++-------- 2007/4xxx/CVE-2007-4249.json | 150 ++++++------ 2007/4xxx/CVE-2007-4667.json | 210 ++++++++--------- 2007/4xxx/CVE-2007-4980.json | 160 ++++++------- 2007/6xxx/CVE-2007-6317.json | 160 ++++++------- 2007/6xxx/CVE-2007-6347.json | 170 +++++++------- 2014/1xxx/CVE-2014-1953.json | 34 +-- 2014/5xxx/CVE-2014-5308.json | 190 +++++++-------- 2014/5xxx/CVE-2014-5834.json | 140 +++++------ 2014/5xxx/CVE-2014-5978.json | 140 +++++------ 2015/2xxx/CVE-2015-2074.json | 34 +-- 2015/2xxx/CVE-2015-2192.json | 180 +++++++-------- 2015/2xxx/CVE-2015-2856.json | 120 +++++----- 2015/6xxx/CVE-2015-6520.json | 160 ++++++------- 2015/6xxx/CVE-2015-6714.json | 140 +++++------ 2015/6xxx/CVE-2015-6818.json | 160 ++++++------- 2015/7xxx/CVE-2015-7485.json | 130 +++++------ 2016/0xxx/CVE-2016-0102.json | 160 ++++++------- 2016/0xxx/CVE-2016-0318.json | 130 +++++------ 2016/0xxx/CVE-2016-0832.json | 130 +++++------ 2016/1000xxx/CVE-2016-1000233.json | 34 +-- 2016/10xxx/CVE-2016-10261.json | 34 +-- 2016/4xxx/CVE-2016-4691.json | 160 ++++++------- 2016/4xxx/CVE-2016-4838.json | 358 ++++++++++++++--------------- 2016/4xxx/CVE-2016-4937.json | 34 +-- 2016/9xxx/CVE-2016-9414.json | 150 ++++++------ 2016/9xxx/CVE-2016-9812.json | 190 +++++++-------- 2019/1003xxx/CVE-2019-1003003.json | 134 +++++------ 2019/2xxx/CVE-2019-2088.json | 34 +-- 2019/2xxx/CVE-2019-2547.json | 156 ++++++------- 2019/2xxx/CVE-2019-2886.json | 34 +-- 2019/3xxx/CVE-2019-3090.json | 34 +-- 2019/3xxx/CVE-2019-3305.json | 34 +-- 2019/3xxx/CVE-2019-3972.json | 34 +-- 2019/6xxx/CVE-2019-6019.json | 34 +-- 2019/6xxx/CVE-2019-6237.json | 34 +-- 2019/6xxx/CVE-2019-6341.json | 34 +-- 2019/6xxx/CVE-2019-6389.json | 34 +-- 2019/6xxx/CVE-2019-6572.json | 34 +-- 2019/7xxx/CVE-2019-7118.json | 34 +-- 2019/7xxx/CVE-2019-7269.json | 34 +-- 2019/7xxx/CVE-2019-7997.json | 34 +-- 2019/8xxx/CVE-2019-8016.json | 34 +-- 2019/8xxx/CVE-2019-8280.json | 122 +++++----- 2019/8xxx/CVE-2019-8675.json | 34 +-- 2019/8xxx/CVE-2019-8724.json | 34 +-- 2019/9xxx/CVE-2019-9247.json | 34 +-- 2019/9xxx/CVE-2019-9824.json | 34 +-- 2019/9xxx/CVE-2019-9838.json | 34 +-- 55 files changed, 2988 insertions(+), 2988 deletions(-) diff --git a/2007/0xxx/CVE-2007-0485.json b/2007/0xxx/CVE-2007-0485.json index 9bb87152304..ef97945c8bb 100644 --- a/2007/0xxx/CVE-2007-0485.json +++ b/2007/0xxx/CVE-2007-0485.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0485", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in defines.php in WebChat 0.77 allows remote attackers to execute arbitrary PHP code via a URL in the WEBCHATPATH parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0485", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20030303 WebChat (PHP)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/313610/30/25700/threaded" - }, - { - "name" : "3169", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3169" - }, - { - "name" : "7000", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/7000" - }, - { - "name" : "1006193", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1006193" - }, - { - "name" : "8206", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/8206" - }, - { - "name" : "webchat-definesphp-file-include(31624)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31624" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in defines.php in WebChat 0.77 allows remote attackers to execute arbitrary PHP code via a URL in the WEBCHATPATH parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3169", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3169" + }, + { + "name": "webchat-definesphp-file-include(31624)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31624" + }, + { + "name": "20030303 WebChat (PHP)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/313610/30/25700/threaded" + }, + { + "name": "8206", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/8206" + }, + { + "name": "1006193", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1006193" + }, + { + "name": "7000", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/7000" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0873.json b/2007/0xxx/CVE-2007-0873.json index 2fcdc1fc6c3..858003391ac 100644 --- a/2007/0xxx/CVE-2007-0873.json +++ b/2007/0xxx/CVE-2007-0873.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0873", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "nabopoll 1.1.2 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) config_edit.php, (2) template_edit.php, or (3) survey_edit.php in admin/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0873", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070210 nabopoll 1.1.2 sensitive file (admin without password)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459655/100/0/threaded" - }, - { - "name" : "3305", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3305" - }, - { - "name" : "http://forums.avenir-geopolitique.net/viewtopic.php?t=2643", - "refsource" : "MISC", - "url" : "http://forums.avenir-geopolitique.net/viewtopic.php?t=2643" - }, - { - "name" : "20070215 [milw0rm] exploit 3305", - "refsource" : "VIM", - "url" : "http://attrition.org/pipermail/vim/2007-February/001341.html" - }, - { - "name" : "22509", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22509" - }, - { - "name" : "33692", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33692" - }, - { - "name" : "2232", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2232" - }, - { - "name" : "nabopoll-adminscripts-unauthorized-access(32472)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32472" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "nabopoll 1.1.2 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) config_edit.php, (2) template_edit.php, or (3) survey_edit.php in admin/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2643", + "refsource": "MISC", + "url": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2643" + }, + { + "name": "2232", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2232" + }, + { + "name": "33692", + "refsource": "OSVDB", + "url": "http://osvdb.org/33692" + }, + { + "name": "22509", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22509" + }, + { + "name": "20070210 nabopoll 1.1.2 sensitive file (admin without password)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459655/100/0/threaded" + }, + { + "name": "3305", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3305" + }, + { + "name": "20070215 [milw0rm] exploit 3305", + "refsource": "VIM", + "url": "http://attrition.org/pipermail/vim/2007-February/001341.html" + }, + { + "name": "nabopoll-adminscripts-unauthorized-access(32472)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32472" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3237.json b/2007/3xxx/CVE-2007-3237.json index e44fb66fcce..aeb5547fd5d 100644 --- a/2007/3xxx/CVE-2007-3237.json +++ b/2007/3xxx/CVE-2007-3237.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3237", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the TinyContent 1.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3237", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4063", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4063" - }, - { - "name" : "http://www.xoops.org/modules/news/article.php?storyid=3799", - "refsource" : "CONFIRM", - "url" : "http://www.xoops.org/modules/news/article.php?storyid=3799" - }, - { - "name" : "35383", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35383" - }, - { - "name" : "ADV-2007-2204", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2204" - }, - { - "name" : "25652", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25652" - }, - { - "name" : "xoops-tinycontent-spawcontrol-file-include(34839)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34839" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in admin/spaw/spaw_control.class.php in the TinyContent 1.5 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spaw_root parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4063", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4063" + }, + { + "name": "35383", + "refsource": "OSVDB", + "url": "http://osvdb.org/35383" + }, + { + "name": "ADV-2007-2204", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2204" + }, + { + "name": "25652", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25652" + }, + { + "name": "http://www.xoops.org/modules/news/article.php?storyid=3799", + "refsource": "CONFIRM", + "url": "http://www.xoops.org/modules/news/article.php?storyid=3799" + }, + { + "name": "xoops-tinycontent-spawcontrol-file-include(34839)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34839" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3505.json b/2007/3xxx/CVE-2007-3505.json index a125e473396..55bb502b210 100644 --- a/2007/3xxx/CVE-2007-3505.json +++ b/2007/3xxx/CVE-2007-3505.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3505", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) sequence in the lang parameter to (1) qtf_checkname.php, (2) qtf_j_birth.php, or (3) qtf_j_exists.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3505", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4115", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4115" - }, - { - "name" : "24671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24671" - }, - { - "name" : "ADV-2007-2373", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2373" - }, - { - "name" : "36485", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36485" - }, - { - "name" : "36486", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36486" - }, - { - "name" : "36487", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36487" - }, - { - "name" : "25868", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25868" - }, - { - "name" : "quicktalkforum-lang-file-include(35117)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35117" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in QuickTalk forum 1.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) sequence in the lang parameter to (1) qtf_checkname.php, (2) qtf_j_birth.php, or (3) qtf_j_exists.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36486", + "refsource": "OSVDB", + "url": "http://osvdb.org/36486" + }, + { + "name": "36487", + "refsource": "OSVDB", + "url": "http://osvdb.org/36487" + }, + { + "name": "36485", + "refsource": "OSVDB", + "url": "http://osvdb.org/36485" + }, + { + "name": "25868", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25868" + }, + { + "name": "24671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24671" + }, + { + "name": "4115", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4115" + }, + { + "name": "ADV-2007-2373", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2373" + }, + { + "name": "quicktalkforum-lang-file-include(35117)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35117" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3580.json b/2007/3xxx/CVE-2007-3580.json index 0130741e3e4..2fa6e2432ca 100644 --- a/2007/3xxx/CVE-2007-3580.json +++ b/2007/3xxx/CVE-2007-3580.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHPIDS does not properly handle certain code containing newlines, as demonstrated by a try/catch block within a loop, which allows user-assisted remote attackers to inject arbitrary web script." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0", - "refsource" : "MISC", - "url" : "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0" - }, - { - "name" : "http://sla.ckers.org/forum/read.php?2,13209,13218", - "refsource" : "MISC", - "url" : "http://sla.ckers.org/forum/read.php?2,13209,13218" - }, - { - "name" : "45755", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45755" - }, - { - "name" : "phpids-newline-xss(35521)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35521" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHPIDS does not properly handle certain code containing newlines, as demonstrated by a try/catch block within a loop, which allows user-assisted remote attackers to inject arbitrary web script." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0", + "refsource": "MISC", + "url": "http://groups.google.com/group/php-ids/browse_thread/thread/3ec15f69d6b3dba0" + }, + { + "name": "http://sla.ckers.org/forum/read.php?2,13209,13218", + "refsource": "MISC", + "url": "http://sla.ckers.org/forum/read.php?2,13209,13218" + }, + { + "name": "45755", + "refsource": "OSVDB", + "url": "http://osvdb.org/45755" + }, + { + "name": "phpids-newline-xss(35521)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35521" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3673.json b/2007/3xxx/CVE-2007-3673.json index 528295191dc..cc863342302 100644 --- a/2007/3xxx/CVE-2007-3673.json +++ b/2007/3xxx/CVE-2007-3673.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3673", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\\\symTDI\\, which results in memory overwrite." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3673", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070711 Symantec AntiVirus symtdi.sys Local Privilege Escalation Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554" - }, - { - "name" : "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html", - "refsource" : "CONFIRM", - "url" : "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html" - }, - { - "name" : "22351", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22351" - }, - { - "name" : "36117", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36117" - }, - { - "name" : "ADV-2007-2507", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2507" - }, - { - "name" : "1018372", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018372" - }, - { - "name" : "26042", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26042" - }, - { - "name" : "symantec-multi-symtdi-privilege-escalation(35347)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35347" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via a crafted Interrupt Request Packet (Irp) in an IOCTL 0x83022323 request to \\\\symTDI\\, which results in memory overwrite." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26042", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26042" + }, + { + "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html", + "refsource": "CONFIRM", + "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.07.11d.html" + }, + { + "name": "symantec-multi-symtdi-privilege-escalation(35347)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35347" + }, + { + "name": "22351", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22351" + }, + { + "name": "ADV-2007-2507", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2507" + }, + { + "name": "36117", + "refsource": "OSVDB", + "url": "http://osvdb.org/36117" + }, + { + "name": "1018372", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018372" + }, + { + "name": "20070711 Symantec AntiVirus symtdi.sys Local Privilege Escalation Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=554" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4135.json b/2007/4xxx/CVE-2007-4135.json index 8d3ba5de9f4..c2ba0021467 100644 --- a/2007/4xxx/CVE-2007-4135.json +++ b/2007/4xxx/CVE-2007-4135.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4135", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle return values from the getpwnam_r function when performing a username lookup, which can cause it to report a file as being owned by \"root\" instead of \"nobody\" if the file exists on the server but not on the client." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-4135", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MDKSA-2007:240", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:240" - }, - { - "name" : "RHSA-2007:0951", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0951.html" - }, - { - "name" : "SUSE-SR:2007:018", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_18_sr.html" - }, - { - "name" : "26767", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26767" - }, - { - "name" : "45825", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45825" - }, - { - "name" : "oval:org.mitre.oval:def:9864", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9864" - }, - { - "name" : "26674", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26674" - }, - { - "name" : "27043", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27043" - }, - { - "name" : "nfsv4-idmapper-uid-unspecified(36396)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36396" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The NFSv4 ID mapper (nfsidmap) before 0.17 does not properly handle return values from the getpwnam_r function when performing a username lookup, which can cause it to report a file as being owned by \"root\" instead of \"nobody\" if the file exists on the server but not on the client." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27043", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27043" + }, + { + "name": "oval:org.mitre.oval:def:9864", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9864" + }, + { + "name": "RHSA-2007:0951", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0951.html" + }, + { + "name": "SUSE-SR:2007:018", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_18_sr.html" + }, + { + "name": "26767", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26767" + }, + { + "name": "MDKSA-2007:240", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:240" + }, + { + "name": "45825", + "refsource": "OSVDB", + "url": "http://osvdb.org/45825" + }, + { + "name": "26674", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26674" + }, + { + "name": "nfsv4-idmapper-uid-unspecified(36396)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36396" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4249.json b/2007/4xxx/CVE-2007-4249.json index 9ed3ced7519..0316d47582e 100644 --- a/2007/4xxx/CVE-2007-4249.json +++ b/2007/4xxx/CVE-2007-4249.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4249", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The isChecked function in Toolbar.DLL in the ExportNation toolbar for Internet Explorer allows remote attackers to cause a denial of service (NULL dereference and browser crash) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4249", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070804 [ELEYTT] 4SIERPIEN2007", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475534/100/0/threaded" - }, - { - "name" : "46985", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/46985" - }, - { - "name" : "3004", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3004" - }, - { - "name" : "exportnation-ischecked-dos(35804)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35804" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The isChecked function in Toolbar.DLL in the ExportNation toolbar for Internet Explorer allows remote attackers to cause a denial of service (NULL dereference and browser crash) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "exportnation-ischecked-dos(35804)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35804" + }, + { + "name": "20070804 [ELEYTT] 4SIERPIEN2007", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475534/100/0/threaded" + }, + { + "name": "46985", + "refsource": "OSVDB", + "url": "http://osvdb.org/46985" + }, + { + "name": "3004", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3004" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4667.json b/2007/4xxx/CVE-2007-4667.json index 5a60333f06f..d482e62dd08 100644 --- a/2007/4xxx/CVE-2007-4667.json +++ b/2007/4xxx/CVE-2007-4667.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4667", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Services API in Firebird before 2.0.2 allows remote attackers to cause a denial of service, aka CORE-1149." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4667", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://tracker.firebirdsql.org/browse/CORE-1149", - "refsource" : "MISC", - "url" : "http://tracker.firebirdsql.org/browse/CORE-1149" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=535898", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=535898" - }, - { - "name" : "http://www.firebirdsql.org/index.php?op=files&id=engine_202", - "refsource" : "CONFIRM", - "url" : "http://www.firebirdsql.org/index.php?op=files&id=engine_202" - }, - { - "name" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf" - }, - { - "name" : "DSA-1529", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1529" - }, - { - "name" : "25497", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25497" - }, - { - "name" : "ADV-2007-3021", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3021" - }, - { - "name" : "26615", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26615" - }, - { - "name" : "29501", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29501" - }, - { - "name" : "firebird-serviceapi-dos(36356)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36356" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Services API in Firebird before 2.0.2 allows remote attackers to cause a denial of service, aka CORE-1149." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "firebird-serviceapi-dos(36356)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36356" + }, + { + "name": "25497", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25497" + }, + { + "name": "ADV-2007-3021", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3021" + }, + { + "name": "26615", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26615" + }, + { + "name": "http://tracker.firebirdsql.org/browse/CORE-1149", + "refsource": "MISC", + "url": "http://tracker.firebirdsql.org/browse/CORE-1149" + }, + { + "name": "http://www.firebirdsql.org/index.php?op=files&id=engine_202", + "refsource": "CONFIRM", + "url": "http://www.firebirdsql.org/index.php?op=files&id=engine_202" + }, + { + "name": "29501", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29501" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=535898", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=535898" + }, + { + "name": "DSA-1529", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1529" + }, + { + "name": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf", + "refsource": "CONFIRM", + "url": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4980.json b/2007/4xxx/CVE-2007-4980.json index 499fa339443..94d0ff130d4 100644 --- a/2007/4xxx/CVE-2007-4980.json +++ b/2007/4xxx/CVE-2007-4980.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4980", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The readRequest method in org/gcaldaemon/core/http/HTTPListener.java in GCALDaemon 1.0-beta13 allows remote attackers to cause a denial of service via a large integer value in the Content-Length HTTP header, which triggers a fatal Java OutOfMemoryError." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4980", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070918 GCALDaemon Remote DoS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479816/100/0/threaded" - }, - { - "name" : "25704", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25704" - }, - { - "name" : "40922", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40922" - }, - { - "name" : "3154", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3154" - }, - { - "name" : "gcaldaemon-httplistener-dos(36670)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36670" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The readRequest method in org/gcaldaemon/core/http/HTTPListener.java in GCALDaemon 1.0-beta13 allows remote attackers to cause a denial of service via a large integer value in the Content-Length HTTP header, which triggers a fatal Java OutOfMemoryError." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40922", + "refsource": "OSVDB", + "url": "http://osvdb.org/40922" + }, + { + "name": "20070918 GCALDaemon Remote DoS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479816/100/0/threaded" + }, + { + "name": "3154", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3154" + }, + { + "name": "gcaldaemon-httplistener-dos(36670)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36670" + }, + { + "name": "25704", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25704" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6317.json b/2007/6xxx/CVE-2007-6317.json index 3cd53e9d8ba..acf81d30e29 100644 --- a/2007/6xxx/CVE-2007-6317.json +++ b/2007/6xxx/CVE-2007-6317.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6317", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain ..\\ (dot dot backslash) sequences in the URL path, or (2) remote authenticated users to delete arbitrary files or create arbitrary directories via a ..\\ (dot dot backslash) sequence in the dir parameter to /drive/c/bdusers/USER/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6317", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071210 Multiple vulnerabilities in BarracudaDrive 3.7.2", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/484833/100/0/threaded" - }, - { - "name" : "http://aluigi.altervista.org/adv/barradrive-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/barradrive-adv.txt" - }, - { - "name" : "26805", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26805" - }, - { - "name" : "28032", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28032" - }, - { - "name" : "3434", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3434" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in BarracudaDrive Web Server before 3.8 allow (1) remote attackers to read arbitrary files via certain ..\\ (dot dot backslash) sequences in the URL path, or (2) remote authenticated users to delete arbitrary files or create arbitrary directories via a ..\\ (dot dot backslash) sequence in the dir parameter to /drive/c/bdusers/USER/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071210 Multiple vulnerabilities in BarracudaDrive 3.7.2", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/484833/100/0/threaded" + }, + { + "name": "28032", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28032" + }, + { + "name": "http://aluigi.altervista.org/adv/barradrive-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/barradrive-adv.txt" + }, + { + "name": "3434", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3434" + }, + { + "name": "26805", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26805" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6347.json b/2007/6xxx/CVE-2007-6347.json index 3a0eae02309..eedbe3b8f0c 100644 --- a/2007/6xxx/CVE-2007-6347.json +++ b/2007/6xxx/CVE-2007-6347.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6347", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in blocks/block_site_map.php in ViArt (1) CMS 3.3.2, (2) HelpDesk 3.3.2, (3) Shop Evaluation 3.3.2, and (4) Shop Free 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the root_folder_path parameter. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6347", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4722", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4722" - }, - { - "name" : "26828", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26828" - }, - { - "name" : "ADV-2007-4207", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4207" - }, - { - "name" : "42628", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/42628" - }, - { - "name" : "28066", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28066" - }, - { - "name" : "viart-blocksitemap-file-include(38993)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38993" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in blocks/block_site_map.php in ViArt (1) CMS 3.3.2, (2) HelpDesk 3.3.2, (3) Shop Evaluation 3.3.2, and (4) Shop Free 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the root_folder_path parameter. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "viart-blocksitemap-file-include(38993)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38993" + }, + { + "name": "26828", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26828" + }, + { + "name": "4722", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4722" + }, + { + "name": "42628", + "refsource": "OSVDB", + "url": "http://osvdb.org/42628" + }, + { + "name": "ADV-2007-4207", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4207" + }, + { + "name": "28066", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28066" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1953.json b/2014/1xxx/CVE-2014-1953.json index 5b11be3698b..19684cbf83d 100644 --- a/2014/1xxx/CVE-2014-1953.json +++ b/2014/1xxx/CVE-2014-1953.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1953", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1953", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5308.json b/2014/5xxx/CVE-2014-5308.json index 0a5a29abbdf..de158cac835 100644 --- a/2014/5xxx/CVE-2014-5308.json +++ b/2014/5xxx/CVE-2014-5308.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5308", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote authenticated users to execute arbitrary SQL commands via the (1) name parameter in a Search action to lib/project/projectView.php or (2) id parameter to lib/events/eventinfo.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5308", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "34863", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/34863" - }, - { - "name" : "20141001 CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Oct/11" - }, - { - "name" : "20141001 Re: CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Oct/13" - }, - { - "name" : "http://packetstormsecurity.com/files/128521/TestLink-1.9.11-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/128521/TestLink-1.9.11-SQL-Injection.html" - }, - { - "name" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5308", - "refsource" : "MISC", - "url" : "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5308" - }, - { - "name" : "https://gitorious.org/testlink-ga/testlink-code/commit/7a099737b4c739bf083df016c0a99f66dd8ac0b3", - "refsource" : "CONFIRM", - "url" : "https://gitorious.org/testlink-ga/testlink-code/commit/7a099737b4c739bf083df016c0a99f66dd8ac0b3" - }, - { - "name" : "70207", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/70207" - }, - { - "name" : "112524", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/show/osvdb/112524" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in TestLink 1.9.11 allow remote authenticated users to execute arbitrary SQL commands via the (1) name parameter in a Search action to lib/project/projectView.php or (2) id parameter to lib/events/eventinfo.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://gitorious.org/testlink-ga/testlink-code/commit/7a099737b4c739bf083df016c0a99f66dd8ac0b3", + "refsource": "CONFIRM", + "url": "https://gitorious.org/testlink-ga/testlink-code/commit/7a099737b4c739bf083df016c0a99f66dd8ac0b3" + }, + { + "name": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5308", + "refsource": "MISC", + "url": "https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-5308" + }, + { + "name": "70207", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/70207" + }, + { + "name": "20141001 Re: CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Oct/13" + }, + { + "name": "112524", + "refsource": "OSVDB", + "url": "http://osvdb.org/show/osvdb/112524" + }, + { + "name": "34863", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/34863" + }, + { + "name": "http://packetstormsecurity.com/files/128521/TestLink-1.9.11-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/128521/TestLink-1.9.11-SQL-Injection.html" + }, + { + "name": "20141001 CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Oct/11" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5834.json b/2014/5xxx/CVE-2014-5834.json index af5523ff2e5..e6a4b705a8a 100644 --- a/2014/5xxx/CVE-2014-5834.json +++ b/2014/5xxx/CVE-2014-5834.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5834", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Solitaire Deluxe (aka com.gosub60.solfree2) application 2.8.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5834", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#274849", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/274849" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Solitaire Deluxe (aka com.gosub60.solfree2) application 2.8.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#274849", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/274849" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5978.json b/2014/5xxx/CVE-2014-5978.json index 5e2913dd68c..d0e7330d00e 100644 --- a/2014/5xxx/CVE-2014-5978.json +++ b/2014/5xxx/CVE-2014-5978.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5978", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The memetan (aka memetan.android.com.activity) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5978", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#864273", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/864273" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The memetan (aka memetan.android.com.activity) application 1.1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#864273", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/864273" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2074.json b/2015/2xxx/CVE-2015-2074.json index 4e347e53d22..c1b5787b62e 100644 --- a/2015/2xxx/CVE-2015-2074.json +++ b/2015/2xxx/CVE-2015-2074.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2074", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2074", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2192.json b/2015/2xxx/CVE-2015-2192.json index 4365637e309..168570297cc 100644 --- a/2015/2xxx/CVE-2015-2192.json +++ b/2015/2xxx/CVE-2015-2192.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2192", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2192", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-11.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-11.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11024", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11024" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c35ca6c051adb28c321db54cc138f18637977c9a", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c35ca6c051adb28c321db54cc138f18637977c9a" - }, - { - "name" : "GLSA-201510-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201510-03" - }, - { - "name" : "openSUSE-SU-2015:0489", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html" - }, - { - "name" : "72937", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72937" - }, - { - "name" : "1031858", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031858" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:0489", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-11.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-11.html" + }, + { + "name": "1031858", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031858" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c35ca6c051adb28c321db54cc138f18637977c9a", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c35ca6c051adb28c321db54cc138f18637977c9a" + }, + { + "name": "GLSA-201510-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201510-03" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11024", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11024" + }, + { + "name": "72937", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72937" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2856.json b/2015/2xxx/CVE-2015-2856.json index 78665e906df..382f1e9abe1 100644 --- a/2015/2xxx/CVE-2015-2856.json +++ b/2015/2xxx/CVE-2015-2856.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2856", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a .. (dot dot) in the statecode cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-2856", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.rapid7.com/db/modules/auxiliary/scanner/http/accellion_fta_statecode_file_read", - "refsource" : "MISC", - "url" : "https://www.rapid7.com/db/modules/auxiliary/scanner/http/accellion_fta_statecode_file_read" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the template function in function.inc in Accellion File Transfer Appliance devices before FTA_9_11_210 allows remote attackers to read arbitrary files via a .. (dot dot) in the statecode cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.rapid7.com/db/modules/auxiliary/scanner/http/accellion_fta_statecode_file_read", + "refsource": "MISC", + "url": "https://www.rapid7.com/db/modules/auxiliary/scanner/http/accellion_fta_statecode_file_read" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6520.json b/2015/6xxx/CVE-2015-6520.json index a02aaf6ece9..f3c296a46e8 100644 --- a/2015/6xxx/CVE-2015-6520.json +++ b/2015/6xxx/CVE-2015-6520.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6520", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to USB connected printers via a direct request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6520", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150810 CVE Request: ippusbxd", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/08/11/1" - }, - { - "name" : "[oss-security] 20150818 Re: CVE Request: ippusbxd", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/08/18/11" - }, - { - "name" : "https://bugs.launchpad.net/ubuntu/+source/ippusbxd/+bug/1455644", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/ubuntu/+source/ippusbxd/+bug/1455644" - }, - { - "name" : "https://github.com/tillkamppeter/ippusbxd/commit/46844402bca7a38fc224483ba6f0a93c4613203f", - "refsource" : "CONFIRM", - "url" : "https://github.com/tillkamppeter/ippusbxd/commit/46844402bca7a38fc224483ba6f0a93c4613203f" - }, - { - "name" : "USN-2725-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2725-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to USB connected printers via a direct request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20150818 Re: CVE Request: ippusbxd", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/08/18/11" + }, + { + "name": "https://bugs.launchpad.net/ubuntu/+source/ippusbxd/+bug/1455644", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/ubuntu/+source/ippusbxd/+bug/1455644" + }, + { + "name": "https://github.com/tillkamppeter/ippusbxd/commit/46844402bca7a38fc224483ba6f0a93c4613203f", + "refsource": "CONFIRM", + "url": "https://github.com/tillkamppeter/ippusbxd/commit/46844402bca7a38fc224483ba6f0a93c4613203f" + }, + { + "name": "USN-2725-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2725-1" + }, + { + "name": "[oss-security] 20150810 CVE Request: ippusbxd", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/08/11/1" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6714.json b/2015/6xxx/CVE-2015-6714.json index 00ad77208e7..f554372ecee 100644 --- a/2015/6xxx/CVE-2015-6714.json +++ b/2015/6xxx/CVE-2015-6714.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6714", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-6714", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-490", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-490" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" - }, - { - "name" : "1033796", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033796" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerability than CVE-2015-6707, CVE-2015-6708, CVE-2015-6709, CVE-2015-6710, CVE-2015-6711, CVE-2015-6712, CVE-2015-6713, CVE-2015-6715, CVE-2015-6716, CVE-2015-6717, CVE-2015-6718, CVE-2015-6719, CVE-2015-6720, CVE-2015-6721, CVE-2015-6722, CVE-2015-6723, CVE-2015-6724, CVE-2015-6725, CVE-2015-7614, CVE-2015-7616, CVE-2015-7618, CVE-2015-7619, CVE-2015-7620, and CVE-2015-7623." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb15-24.html" + }, + { + "name": "1033796", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033796" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-490", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-490" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6818.json b/2015/6xxx/CVE-2015-6818.json index 65012cebc16..57c5ff42598 100644 --- a/2015/6xxx/CVE-2015-6818.json +++ b/2015/6xxx/CVE-2015-6818.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6818", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted image with two or more of these chunks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6818", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html" - }, - { - "name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91", - "refsource" : "CONFIRM", - "url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91" - }, - { - "name" : "http://ffmpeg.org/security.html", - "refsource" : "CONFIRM", - "url" : "http://ffmpeg.org/security.html" - }, - { - "name" : "USN-2944-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2944-1" - }, - { - "name" : "1033483", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033483" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via a crafted image with two or more of these chunks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2944-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2944-1" + }, + { + "name": "[debian-lts-announce] 20181220 [SECURITY] [DLA 1611-1] libav security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00009.html" + }, + { + "name": "1033483", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033483" + }, + { + "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91", + "refsource": "CONFIRM", + "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=47f4e2d8960ca756ca153ab8e3e93d80449b8c91" + }, + { + "name": "http://ffmpeg.org/security.html", + "refsource": "CONFIRM", + "url": "http://ffmpeg.org/security.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7485.json b/2015/7xxx/CVE-2015-7485.json index c14d7f308b8..1436bc87bcf 100644 --- a/2015/7xxx/CVE-2015-7485.json +++ b/2015/7xxx/CVE-2015-7485.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7485", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108626." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7485", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983720", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983720" - }, - { - "name" : "ibm-relm-cve20157485-xss(108626)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/108626" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108626." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983720" + }, + { + "name": "ibm-relm-cve20157485-xss(108626)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/108626" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0102.json b/2016/0xxx/CVE-2016-0102.json index fa9562c97ba..2fc3865d0a7 100644 --- a/2016/0xxx/CVE-2016-0102.json +++ b/2016/0xxx/CVE-2016-0102.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0102", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0102", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-023", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023" - }, - { - "name" : "MS16-024", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024" - }, - { - "name" : "84018", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84018" - }, - { - "name" : "1035203", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035203" - }, - { - "name" : "1035204", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035204" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, CVE-2016-0109, and CVE-2016-0114." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035204", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035204" + }, + { + "name": "84018", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84018" + }, + { + "name": "MS16-024", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024" + }, + { + "name": "1035203", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035203" + }, + { + "name": "MS16-023", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0318.json b/2016/0xxx/CVE-2016-0318.json index 07955249560..11df70dc4ce 100644 --- a/2016/0xxx/CVE-2016-0318.json +++ b/2016/0xxx/CVE-2016-0318.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0318", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 does not destroy a Session ID upon a logout action, which allows remote attackers to obtain access by leveraging an unattended workstation." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0318", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983137", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21983137" - }, - { - "name" : "92466", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92466" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006 does not destroy a Session ID upon a logout action, which allows remote attackers to obtain access by leveraging an unattended workstation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21983137", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21983137" + }, + { + "name": "92466", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92466" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0832.json b/2016/0xxx/CVE-2016-0832.json index 794aad9c4aa..76309e7f424 100644 --- a/2016/0xxx/CVE-2016-0832.json +++ b/2016/0xxx/CVE-2016-0832.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0832", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25955042." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-0832", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2016-03-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-03-01.html" - }, - { - "name" : "84264", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84264" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Setup Wizard in Android 5.1.x before LMY49H and 6.x before 2016-03-01 allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25955042." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2016-03-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-03-01.html" + }, + { + "name": "84264", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84264" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000233.json b/2016/1000xxx/CVE-2016-1000233.json index dc828055010..2fe8d42b044 100644 --- a/2016/1000xxx/CVE-2016-1000233.json +++ b/2016/1000xxx/CVE-2016-1000233.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000233", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000233", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10261.json b/2016/10xxx/CVE-2016-10261.json index 11ea3e441ea..05aa5e9162b 100644 --- a/2016/10xxx/CVE-2016-10261.json +++ b/2016/10xxx/CVE-2016-10261.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10261", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10261", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4691.json b/2016/4xxx/CVE-2016-4691.json index 01b06e3d738..fb253fe9a57 100644 --- a/2016/4xxx/CVE-2016-4691.json +++ b/2016/4xxx/CVE-2016-4691.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4691", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"FontParser\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4691", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207422", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207422" - }, - { - "name" : "https://support.apple.com/HT207423", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207423" - }, - { - "name" : "https://support.apple.com/HT207487", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207487" - }, - { - "name" : "94905", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94905" - }, - { - "name" : "1037469", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037469" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the \"FontParser\" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT207487", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207487" + }, + { + "name": "https://support.apple.com/HT207422", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207422" + }, + { + "name": "94905", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94905" + }, + { + "name": "1037469", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037469" + }, + { + "name": "https://support.apple.com/HT207423", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207423" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4838.json b/2016/4xxx/CVE-2016-4838.json index 048a91376aa..f094fc298e9 100644 --- a/2016/4xxx/CVE-2016-4838.json +++ b/2016/4xxx/CVE-2016-4838.json @@ -1,184 +1,184 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2016-4838", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4838", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Money Forward", + "version": { + "version_data": [ + { + "version_value": "prior to v7.18.0" + } + ] + } + }, + { + "product_name": "Money Forward for The Gunma Bank", + "version": { + "version_data": [ + { + "version_value": "prior to v1.2.0" + } + ] + } + }, + { + "product_name": "Money Forward for SHIGA BANK", + "version": { + "version_data": [ + { + "version_value": "prior to v1.2.0" + } + ] + } + }, + { + "product_name": "Money Forward for SHIZUOKA BANK", + "version": { + "version_data": [ + { + "version_value": "prior to v1.4.0" + } + ] + } + }, + { + "product_name": "Money Forward for SBI Sumishin Net Bank", + "version": { + "version_data": [ + { + "version_value": "prior to v1.6.0" + } + ] + } + }, + { + "product_name": "Money Forward for Tokai Tokyo Securities", + "version": { + "version_data": [ + { + "version_value": "prior to v1.4.0" + } + ] + } + }, + { + "product_name": "Money Forward for THE TOHO BANK", + "version": { + "version_data": [ + { + "version_value": "prior to v1.3.0" + } + ] + } + }, + { + "product_name": "Money Forward for YMFG", + "version": { + "version_data": [ + { + "version_value": "prior to v1.5.0" + } + ] + } + } + ] + }, + "vendor_name": "Money Foward, Inc." + }, + { + "product": { + "product_data": [ + { + "product_name": "Money Forward for AppPass", + "version": { + "version_data": [ + { + "version_value": "prior to v7.18.3" + } + ] + } + }, + { + "product_name": "Money Forward for au SMARTPASS", + "version": { + "version_data": [ + { + "version_value": "prior to v7.18.0" + } + ] + } + }, + { + "product_name": "Money Forward for Chou Houdai", + "version": { + "version_data": [ + { + "version_value": "prior to v7.18.3" + } + ] + } + } + ] + }, + "vendor_name": "SOURCENEXT CORPORATION" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "Money Forward", - "version" : { - "version_data" : [ - { - "version_value" : "prior to v7.18.0" - } - ] - } - }, - { - "product_name" : "Money Forward for The Gunma Bank", - "version" : { - "version_data" : [ - { - "version_value" : "prior to v1.2.0" - } - ] - } - }, - { - "product_name" : "Money Forward for SHIGA BANK", - "version" : { - "version_data" : [ - { - "version_value" : "prior to v1.2.0" - } - ] - } - }, - { - "product_name" : "Money Forward for SHIZUOKA BANK", - "version" : { - "version_data" : [ - { - "version_value" : "prior to v1.4.0" - } - ] - } - }, - { - "product_name" : "Money Forward for SBI Sumishin Net Bank", - "version" : { - "version_data" : [ - { - "version_value" : "prior to v1.6.0" - } - ] - } - }, - { - "product_name" : "Money Forward for Tokai Tokyo Securities", - "version" : { - "version_data" : [ - { - "version_value" : "prior to v1.4.0" - } - ] - } - }, - { - "product_name" : "Money Forward for THE TOHO BANK", - "version" : { - "version_data" : [ - { - "version_value" : "prior to v1.3.0" - } - ] - } - }, - { - "product_name" : "Money Forward for YMFG", - "version" : { - "version_data" : [ - { - "version_value" : "prior to v1.5.0" - } - ] - } - } - ] - }, - "vendor_name" : "Money Foward, Inc." + "lang": "eng", + "value": "The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior to v1.6.0), Money Forward for Tokai Tokyo Securities (prior to v1.4.0), Money Forward for THE TOHO BANK (prior to v1.3.0), Money Forward for YMFG (prior to v1.5.0) provided by Money Forward, Inc. and Money Forward for AppPass (prior to v7.18.3), Money Forward for au SMARTPASS (prior to v7.18.0), Money Forward for Chou Houdai (prior to v7.18.3) provided by SOURCENEXT CORPORATION allows an attacker to execute unintended operations via a specially crafted application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Unintended operation execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.sourcenext.com/support/i/160725_1", + "refsource": "MISC", + "url": "http://www.sourcenext.com/support/i/160725_1" }, { - "product" : { - "product_data" : [ - { - "product_name" : "Money Forward for AppPass", - "version" : { - "version_data" : [ - { - "version_value" : "prior to v7.18.3" - } - ] - } - }, - { - "product_name" : "Money Forward for au SMARTPASS", - "version" : { - "version_data" : [ - { - "version_value" : "prior to v7.18.0" - } - ] - } - }, - { - "product_name" : "Money Forward for Chou Houdai", - "version" : { - "version_data" : [ - { - "version_value" : "prior to v7.18.3" - } - ] - } - } - ] - }, - "vendor_name" : "SOURCENEXT CORPORATION" + "name": "JVN#49343562", + "refsource": "JVN", + "url": "https://jvn.jp/en/jp/JVN49343562/index.html" + }, + { + "name": "http://corp.moneyforward.com/info/20160920-mf-android/", + "refsource": "CONFIRM", + "url": "http://corp.moneyforward.com/info/20160920-mf-android/" + }, + { + "name": "93034", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93034" } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior to v1.6.0), Money Forward for Tokai Tokyo Securities (prior to v1.4.0), Money Forward for THE TOHO BANK (prior to v1.3.0), Money Forward for YMFG (prior to v1.5.0) provided by Money Forward, Inc. and Money Forward for AppPass (prior to v7.18.3), Money Forward for au SMARTPASS (prior to v7.18.0), Money Forward for Chou Houdai (prior to v7.18.3) provided by SOURCENEXT CORPORATION allows an attacker to execute unintended operations via a specially crafted application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Unintended operation execution" - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.sourcenext.com/support/i/160725_1", - "refsource" : "MISC", - "url" : "http://www.sourcenext.com/support/i/160725_1" - }, - { - "name" : "http://corp.moneyforward.com/info/20160920-mf-android/", - "refsource" : "CONFIRM", - "url" : "http://corp.moneyforward.com/info/20160920-mf-android/" - }, - { - "name" : "JVN#49343562", - "refsource" : "JVN", - "url" : "https://jvn.jp/en/jp/JVN49343562/index.html" - }, - { - "name" : "93034", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93034" - } - ] - } -} + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4937.json b/2016/4xxx/CVE-2016-4937.json index 241d2807ac7..910376aadb9 100644 --- a/2016/4xxx/CVE-2016-4937.json +++ b/2016/4xxx/CVE-2016-4937.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4937", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-4937", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9414.json b/2016/9xxx/CVE-2016-9414.json index 6c61f6693b3..28d532662c5 100644 --- a/2016/9xxx/CVE-2016-9414.json +++ b/2016/9xxx/CVE-2016-9414.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9414", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9414", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/10/8" - }, - { - "name" : "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/18/1" - }, - { - "name" : "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/", - "refsource" : "CONFIRM", - "url" : "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/" - }, - { - "name" : "94395", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94395" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow remote attackers to obtain sensitive information by leveraging missing directory listing protection in upload directories." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94395", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94395" + }, + { + "name": "[oss-security] 20161117 Re: CVE request: MyBB multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/18/1" + }, + { + "name": "[oss-security] 20161110 CVE request: MyBB multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/10/8" + }, + { + "name": "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/", + "refsource": "CONFIRM", + "url": "https://blog.mybb.com/2016/03/11/mybb-1-8-7-merge-system-1-8-7-release/" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9812.json b/2016/9xxx/CVE-2016-9812.json index 8233535cf9a..4ce8c9bf119 100644 --- a/2016/9xxx/CVE-2016-9812.json +++ b/2016/9xxx/CVE-2016-9812.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9812", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9812", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161201 gstreamer multiple issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/12/01/2" - }, - { - "name" : "[oss-security] 20161204 Re: gstreamer multiple issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/12/05/8" - }, - { - "name" : "https://bugzilla.gnome.org/show_bug.cgi?id=775048", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.gnome.org/show_bug.cgi?id=775048" - }, - { - "name" : "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", - "refsource" : "CONFIRM", - "url" : "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2" - }, - { - "name" : "DSA-3818", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3818" - }, - { - "name" : "GLSA-201705-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201705-10" - }, - { - "name" : "RHSA-2017:0021", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2017-0021.html" - }, - { - "name" : "95160", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95160" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The gst_mpegts_section_new function in the mpegts decoder in GStreamer before 1.10.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a too small section." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3818", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3818" + }, + { + "name": "RHSA-2017:0021", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2017-0021.html" + }, + { + "name": "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2", + "refsource": "CONFIRM", + "url": "https://gstreamer.freedesktop.org/releases/1.10/#1.10.2" + }, + { + "name": "https://bugzilla.gnome.org/show_bug.cgi?id=775048", + "refsource": "CONFIRM", + "url": "https://bugzilla.gnome.org/show_bug.cgi?id=775048" + }, + { + "name": "95160", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95160" + }, + { + "name": "[oss-security] 20161204 Re: gstreamer multiple issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/12/05/8" + }, + { + "name": "GLSA-201705-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201705-10" + }, + { + "name": "[oss-security] 20161201 gstreamer multiple issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/12/01/2" + } + ] + } +} \ No newline at end of file diff --git a/2019/1003xxx/CVE-2019-1003003.json b/2019/1003xxx/CVE-2019-1003003.json index 32d17632030..36ed49857c3 100644 --- a/2019/1003xxx/CVE-2019-1003003.json +++ b/2019/1003xxx/CVE-2019-1003003.json @@ -1,69 +1,69 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2019-01-21T19:07:26.674486", - "ID" : "CVE-2019-1003003", - "REQUESTER" : "ml@beckweb.net", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Jenkins", - "version" : { - "version_data" : [ - { - "version_value" : "2.158 and earlier, LTS 2.150.1 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Jenkins project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-613" - } + "CVE_data_meta": { + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "DATE_ASSIGNED": "2019-01-21T19:07:26.674486", + "ID": "CVE-2019-1003003", + "REQUESTER": "ml@beckweb.net", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Jenkins", + "version": { + "version_data": [ + { + "version_value": "2.158 and earlier, LTS 2.150.1 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Jenkins project" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://jenkins.io/security/advisory/2019-01-16/#SECURITY-868", - "refsource" : "CONFIRM", - "url" : "https://jenkins.io/security/advisory/2019-01-16/#SECURITY-868" - }, - { - "name" : "106680", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106680" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An improper authorization vulnerability exists in Jenkins 2.158 and earlier, LTS 2.150.1 and earlier in core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java that allows attackers with Overall/RunScripts permission to craft Remember Me cookies that would never expire, allowing e.g. to persist access to temporarily compromised user accounts." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-613" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://jenkins.io/security/advisory/2019-01-16/#SECURITY-868", + "refsource": "CONFIRM", + "url": "https://jenkins.io/security/advisory/2019-01-16/#SECURITY-868" + }, + { + "name": "106680", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106680" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2088.json b/2019/2xxx/CVE-2019-2088.json index c0e2d79c8ca..fb465d138e2 100644 --- a/2019/2xxx/CVE-2019-2088.json +++ b/2019/2xxx/CVE-2019-2088.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2088", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2088", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2547.json b/2019/2xxx/CVE-2019-2547.json index fc6bdbabe5f..e88c9d90be4 100644 --- a/2019/2xxx/CVE-2019-2547.json +++ b/2019/2xxx/CVE-2019-2547.json @@ -1,80 +1,80 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2019-2547", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Oracle Database", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "11.2.0.4" - }, - { - "version_affected" : "=", - "version_value" : "12.1.0.2" - }, - { - "version_affected" : "=", - "version_value" : "12.2.0.1" - }, - { - "version_affected" : "=", - "version_value" : "18c" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM. CVSS 3.0 Base Score 3.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2019-2547", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Oracle Database", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "11.2.0.4" + }, + { + "version_affected": "=", + "version_value": "12.1.0.2" + }, + { + "version_affected": "=", + "version_value": "12.2.0.1" + }, + { + "version_affected": "=", + "version_value": "18c" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "106594", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106594" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM. CVSS 3.0 Base Score 3.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java VM." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "106594", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106594" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2886.json b/2019/2xxx/CVE-2019-2886.json index 5e5667cf372..d3e43eac20a 100644 --- a/2019/2xxx/CVE-2019-2886.json +++ b/2019/2xxx/CVE-2019-2886.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2886", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2886", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3090.json b/2019/3xxx/CVE-2019-3090.json index c8735cdcd52..3ec5a6f62a5 100644 --- a/2019/3xxx/CVE-2019-3090.json +++ b/2019/3xxx/CVE-2019-3090.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3090", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3090", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3305.json b/2019/3xxx/CVE-2019-3305.json index 9ee6d3da7f3..153591c71c6 100644 --- a/2019/3xxx/CVE-2019-3305.json +++ b/2019/3xxx/CVE-2019-3305.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3305", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3305", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3972.json b/2019/3xxx/CVE-2019-3972.json index 4563e7f8ce4..e05312ebeb8 100644 --- a/2019/3xxx/CVE-2019-3972.json +++ b/2019/3xxx/CVE-2019-3972.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3972", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3972", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6019.json b/2019/6xxx/CVE-2019-6019.json index d80d83a3c8e..acab4fbea16 100644 --- a/2019/6xxx/CVE-2019-6019.json +++ b/2019/6xxx/CVE-2019-6019.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6019", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6019", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6237.json b/2019/6xxx/CVE-2019-6237.json index 1f3ca848bf3..98a3e433820 100644 --- a/2019/6xxx/CVE-2019-6237.json +++ b/2019/6xxx/CVE-2019-6237.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6237", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6237", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6341.json b/2019/6xxx/CVE-2019-6341.json index 30e438c99a2..83333b39c25 100644 --- a/2019/6xxx/CVE-2019-6341.json +++ b/2019/6xxx/CVE-2019-6341.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6341", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6341", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6389.json b/2019/6xxx/CVE-2019-6389.json index aaabbf57298..04f3a41ef4b 100644 --- a/2019/6xxx/CVE-2019-6389.json +++ b/2019/6xxx/CVE-2019-6389.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6389", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6389", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6572.json b/2019/6xxx/CVE-2019-6572.json index 0298c839414..83ebe75e33e 100644 --- a/2019/6xxx/CVE-2019-6572.json +++ b/2019/6xxx/CVE-2019-6572.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6572", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6572", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7118.json b/2019/7xxx/CVE-2019-7118.json index 60df1a265ac..5245554afd4 100644 --- a/2019/7xxx/CVE-2019-7118.json +++ b/2019/7xxx/CVE-2019-7118.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7118", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7118", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7269.json b/2019/7xxx/CVE-2019-7269.json index 5d76f5cb019..21bcb0215ad 100644 --- a/2019/7xxx/CVE-2019-7269.json +++ b/2019/7xxx/CVE-2019-7269.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7269", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7269", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7997.json b/2019/7xxx/CVE-2019-7997.json index 7798493451a..b03319e5a03 100644 --- a/2019/7xxx/CVE-2019-7997.json +++ b/2019/7xxx/CVE-2019-7997.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7997", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7997", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8016.json b/2019/8xxx/CVE-2019-8016.json index 2dcada546f8..4c8259bf62e 100644 --- a/2019/8xxx/CVE-2019-8016.json +++ b/2019/8xxx/CVE-2019-8016.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8016", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8016", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8280.json b/2019/8xxx/CVE-2019-8280.json index a8d7c3dfcda..bde1b2e13d0 100644 --- a/2019/8xxx/CVE-2019-8280.json +++ b/2019/8xxx/CVE-2019-8280.json @@ -1,63 +1,63 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vulnerability@kaspersky.com", - "DATE_PUBLIC" : "2019-03-01T00:00:00", - "ID" : "CVE-2019-8280", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "UltraVNC", - "version" : { - "version_data" : [ - { - "version_value" : "1.2.2.3" - } - ] - } - } - ] - }, - "vendor_name" : "Kaspersky Lab" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-788: Access of Memory Location After End of Buffer" - } + "CVE_data_meta": { + "ASSIGNER": "vulnerability@kaspersky.com", + "DATE_PUBLIC": "2019-03-01T00:00:00", + "ID": "CVE-2019-8280", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "UltraVNC", + "version": { + "version_data": [ + { + "version_value": "1.2.2.3" + } + ] + } + } + ] + }, + "vendor_name": "Kaspersky Lab" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/", - "refsource" : "MISC", - "url" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC client inside RAW decoder, which can potentially result code execution. This attack appear to be exploitable via network connectivity. This vulnerability has been fixed in revision 1204." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-788: Access of Memory Location After End of Buffer" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/", + "refsource": "MISC", + "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/03/01/klcert-19-009-ultravnc-access-of-memory-location-after-end-of-buffer/" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8675.json b/2019/8xxx/CVE-2019-8675.json index 7f3c568c729..ccd2282c938 100644 --- a/2019/8xxx/CVE-2019-8675.json +++ b/2019/8xxx/CVE-2019-8675.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8675", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8675", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8724.json b/2019/8xxx/CVE-2019-8724.json index 5cd52decce3..295dca995bd 100644 --- a/2019/8xxx/CVE-2019-8724.json +++ b/2019/8xxx/CVE-2019-8724.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8724", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8724", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9247.json b/2019/9xxx/CVE-2019-9247.json index 95ca331f274..bbc2d11075c 100644 --- a/2019/9xxx/CVE-2019-9247.json +++ b/2019/9xxx/CVE-2019-9247.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9247", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9247", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9824.json b/2019/9xxx/CVE-2019-9824.json index 96583d3d940..1f1c7b59b14 100644 --- a/2019/9xxx/CVE-2019-9824.json +++ b/2019/9xxx/CVE-2019-9824.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9824", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9824", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9838.json b/2019/9xxx/CVE-2019-9838.json index a99b2e1cec7..739ce0773ef 100644 --- a/2019/9xxx/CVE-2019-9838.json +++ b/2019/9xxx/CVE-2019-9838.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9838", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9838", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file