diff --git a/2007/2xxx/CVE-2007-2182.json b/2007/2xxx/CVE-2007-2182.json index b905c8d58d2..b4dccb9219c 100644 --- a/2007/2xxx/CVE-2007-2182.json +++ b/2007/2xxx/CVE-2007-2182.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2182", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in forum_write.php in Maran PHP Forum allows remote attackers to upload and execute arbitrary PHP files via a trailing %00 in a filename in the page parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2182", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3775", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3775" - }, - { - "name" : "23614", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23614" - }, - { - "name" : "ADV-2007-1493", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1493" - }, - { - "name" : "24968", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24968" - }, - { - "name" : "maranforum-pagename-code-execution(33802)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33802" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in forum_write.php in Maran PHP Forum allows remote attackers to upload and execute arbitrary PHP files via a trailing %00 in a filename in the page parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3775", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3775" + }, + { + "name": "maranforum-pagename-code-execution(33802)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33802" + }, + { + "name": "23614", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23614" + }, + { + "name": "ADV-2007-1493", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1493" + }, + { + "name": "24968", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24968" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2581.json b/2007/2xxx/CVE-2007-2581.json index 658bd678035..a21f7ebdae4 100644 --- a/2007/2xxx/CVE-2007-2581.json +++ b/2007/2xxx/CVE-2007-2581.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2581", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Microsoft Windows SharePoint Services 3.0 for Windows Server 2003 and Office SharePoint Server 2007 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (query string) in \"every main page,\" as demonstrated by default.aspx." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2581", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070504 XSS in Microsoft SharePoint", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/467738/100/0/threaded" - }, - { - "name" : "20070505 RE: XSS in Microsoft SharePoint", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/467749/100/0/threaded" - }, - { - "name" : "20070513 Re: XSS in Microsoft SharePoint", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2007-05/0196.html" - }, - { - "name" : "HPSBST02280", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/482366/100/0/threaded" - }, - { - "name" : "SSRT071480", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/482366/100/0/threaded" - }, - { - "name" : "MS07-059", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-059" - }, - { - "name" : "TA07-282A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-282A.html" - }, - { - "name" : "23832", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23832" - }, - { - "name" : "37630", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37630" - }, - { - "name" : "ADV-2007-3439", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3439" - }, - { - "name" : "oval:org.mitre.oval:def:2286", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2286" - }, - { - "name" : "1018789", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018789" - }, - { - "name" : "27148", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27148" - }, - { - "name" : "2682", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2682" - }, - { - "name" : "sharepoint-default-pathinfo-xss(34343)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34343" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Microsoft Windows SharePoint Services 3.0 for Windows Server 2003 and Office SharePoint Server 2007 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (query string) in \"every main page,\" as demonstrated by default.aspx." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oval:org.mitre.oval:def:2286", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2286" + }, + { + "name": "23832", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23832" + }, + { + "name": "MS07-059", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-059" + }, + { + "name": "1018789", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018789" + }, + { + "name": "20070513 Re: XSS in Microsoft SharePoint", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2007-05/0196.html" + }, + { + "name": "HPSBST02280", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded" + }, + { + "name": "SSRT071480", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/482366/100/0/threaded" + }, + { + "name": "37630", + "refsource": "OSVDB", + "url": "http://osvdb.org/37630" + }, + { + "name": "sharepoint-default-pathinfo-xss(34343)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34343" + }, + { + "name": "20070504 XSS in Microsoft SharePoint", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/467738/100/0/threaded" + }, + { + "name": "27148", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27148" + }, + { + "name": "ADV-2007-3439", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3439" + }, + { + "name": "2682", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2682" + }, + { + "name": "20070505 RE: XSS in Microsoft SharePoint", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/467749/100/0/threaded" + }, + { + "name": "TA07-282A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-282A.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3063.json b/2007/3xxx/CVE-2007-3063.json index 0f4f1857b95..27caca5dcb9 100644 --- a/2007/3xxx/CVE-2007-3063.json +++ b/2007/3xxx/CVE-2007-3063.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3063", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in diary.php in My Databook allows remote attackers to execute arbitrary SQL commands via the delete parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3063", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070604 My Datebook SQL Injection + XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/470483/100/0/threaded" - }, - { - "name" : "24311", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24311" - }, - { - "name" : "38384", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38384" - }, - { - "name" : "mydatabook-diary-sql-injection(34716)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34716" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in diary.php in My Databook allows remote attackers to execute arbitrary SQL commands via the delete parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070604 My Datebook SQL Injection + XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/470483/100/0/threaded" + }, + { + "name": "24311", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24311" + }, + { + "name": "mydatabook-diary-sql-injection(34716)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34716" + }, + { + "name": "38384", + "refsource": "OSVDB", + "url": "http://osvdb.org/38384" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3373.json b/2007/3xxx/CVE-2007-3373.json index f6e86bb9075..b7d83d86408 100644 --- a/2007/3xxx/CVE-2007-3373.json +++ b/2007/3xxx/CVE-2007-3373.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3373", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear a buffer for reading requests, which might allow local users to obtain sensitive information from previous requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3373", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[cluster-devel] 20070619 cluster/cman/daemon daemon.c", - "refsource" : "MLIST", - "url" : "https://www.redhat.com/archives/cluster-devel/2007-June/msg00130.html" - }, - { - "name" : "45381", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45381" - }, - { - "name" : "clusterproject-proc-information-disclosure(35152)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35152" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "daemon.c in cman (redhat-cluster-suite) before 20070622 does not clear a buffer for reading requests, which might allow local users to obtain sensitive information from previous requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "45381", + "refsource": "OSVDB", + "url": "http://osvdb.org/45381" + }, + { + "name": "clusterproject-proc-information-disclosure(35152)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35152" + }, + { + "name": "[cluster-devel] 20070619 cluster/cman/daemon daemon.c", + "refsource": "MLIST", + "url": "https://www.redhat.com/archives/cluster-devel/2007-June/msg00130.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3647.json b/2007/3xxx/CVE-2007-3647.json index f321214ed44..921238e2b6e 100644 --- a/2007/3xxx/CVE-2007-3647.json +++ b/2007/3xxx/CVE-2007-3647.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3647", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and earlier allows remote attackers to bypass authentication and obtain administrative access by setting the username cookie to \"traffic.\" NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3647", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070706 phpTrafficA <=1.4.3 Admin Login Bypass", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473041/100/0/threaded" - }, - { - "name" : "http://corryl.altervista.org/index.php?mod=read&id=1183748959", - "refsource" : "MISC", - "url" : "http://corryl.altervista.org/index.php?mod=read&id=1183748959" - }, - { - "name" : "24823", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24823" - }, - { - "name" : "37477", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37477" - }, - { - "name" : "25976", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25976" - }, - { - "name" : "2870", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2870" - }, - { - "name" : "phptraffica-username-security-bypass(35290)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35290" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The isloggedin function in Php/login.inc.php in phpTrafficA 1.4.3 and earlier allows remote attackers to bypass authentication and obtain administrative access by setting the username cookie to \"traffic.\" NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25976", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25976" + }, + { + "name": "http://corryl.altervista.org/index.php?mod=read&id=1183748959", + "refsource": "MISC", + "url": "http://corryl.altervista.org/index.php?mod=read&id=1183748959" + }, + { + "name": "20070706 phpTrafficA <=1.4.3 Admin Login Bypass", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473041/100/0/threaded" + }, + { + "name": "phptraffica-username-security-bypass(35290)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35290" + }, + { + "name": "2870", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2870" + }, + { + "name": "24823", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24823" + }, + { + "name": "37477", + "refsource": "OSVDB", + "url": "http://osvdb.org/37477" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3655.json b/2007/3xxx/CVE-2007-3655.json index 2ab005b6e62..1f2644511f7 100644 --- a/2007/3xxx/CVE-2007-3655.json +++ b/2007/3xxx/CVE-2007-3655.json @@ -1,202 +1,202 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3655", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3655", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070709 EEYE: Sun Java WebStart JNLP Stack Buffer Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473224/100/0/threaded" - }, - { - "name" : "20070711 SUN Java JNLP Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473356/100/0/threaded" - }, - { - "name" : "30284", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/30284" - }, - { - "name" : "20070711 SUN Java JNLP Overflow", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064552.html" - }, - { - "name" : "http://research.eeye.com/html/advisories/published/AD20070705.html", - "refsource" : "MISC", - "url" : "http://research.eeye.com/html/advisories/published/AD20070705.html" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307177", - "refsource" : "MISC", - "url" : "http://docs.info.apple.com/article.html?artnum=307177" - }, - { - "name" : "APPLE-SA-2007-12-14", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html" - }, - { - "name" : "GLSA-200804-20", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml" - }, - { - "name" : "GLSA-200804-28", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200804-28.xml" - }, - { - "name" : "GLSA-200806-11", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml" - }, - { - "name" : "RHSA-2007:0818", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0818.html" - }, - { - "name" : "RHSA-2007:0829", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0829.html" - }, - { - "name" : "102996", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102996-1" - }, - { - "name" : "SUSE-SA:2007:056", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html" - }, - { - "name" : "24832", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24832" - }, - { - "name" : "37756", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37756" - }, - { - "name" : "oval:org.mitre.oval:def:11367", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11367" - }, - { - "name" : "ADV-2007-2477", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2477" - }, - { - "name" : "ADV-2007-4224", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4224" - }, - { - "name" : "1018346", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018346" - }, - { - "name" : "25981", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25981" - }, - { - "name" : "26314", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26314" - }, - { - "name" : "26369", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26369" - }, - { - "name" : "27266", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27266" - }, - { - "name" : "28115", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28115" - }, - { - "name" : "29858", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29858" - }, - { - "name" : "30780", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30780" - }, - { - "name" : "2874", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2874" - }, - { - "name" : "sun-java-jnlp-bo(35320)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35320" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in javaws.exe in Sun Java Web Start in JRE 5.0 Update 11 and earlier, and 6.0 Update 1 and earlier, allows remote attackers to execute arbitrary code via a long codebase attribute in a JNLP file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2007:0818", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0818.html" + }, + { + "name": "37756", + "refsource": "OSVDB", + "url": "http://osvdb.org/37756" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307177", + "refsource": "MISC", + "url": "http://docs.info.apple.com/article.html?artnum=307177" + }, + { + "name": "ADV-2007-2477", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2477" + }, + { + "name": "26314", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26314" + }, + { + "name": "24832", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24832" + }, + { + "name": "26369", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26369" + }, + { + "name": "sun-java-jnlp-bo(35320)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35320" + }, + { + "name": "GLSA-200804-28", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200804-28.xml" + }, + { + "name": "29858", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29858" + }, + { + "name": "APPLE-SA-2007-12-14", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/Dec/msg00001.html" + }, + { + "name": "25981", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25981" + }, + { + "name": "2874", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2874" + }, + { + "name": "http://research.eeye.com/html/advisories/published/AD20070705.html", + "refsource": "MISC", + "url": "http://research.eeye.com/html/advisories/published/AD20070705.html" + }, + { + "name": "1018346", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018346" + }, + { + "name": "ADV-2007-4224", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4224" + }, + { + "name": "20070711 SUN Java JNLP Overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473356/100/0/threaded" + }, + { + "name": "30780", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30780" + }, + { + "name": "20070709 EEYE: Sun Java WebStart JNLP Stack Buffer Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473224/100/0/threaded" + }, + { + "name": "27266", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27266" + }, + { + "name": "102996", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102996-1" + }, + { + "name": "SUSE-SA:2007:056", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_56_ibmjava.html" + }, + { + "name": "oval:org.mitre.oval:def:11367", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11367" + }, + { + "name": "28115", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28115" + }, + { + "name": "30284", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/30284" + }, + { + "name": "GLSA-200804-20", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-20.xml" + }, + { + "name": "GLSA-200806-11", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200806-11.xml" + }, + { + "name": "RHSA-2007:0829", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0829.html" + }, + { + "name": "20070711 SUN Java JNLP Overflow", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064552.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3727.json b/2007/3xxx/CVE-2007-3727.json index 0697cb55ea8..5ae12e072e9 100644 --- a/2007/3xxx/CVE-2007-3727.json +++ b/2007/3xxx/CVE-2007-3727.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3727", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Webmatic before 2.7 have unknown impact and attack vectors, related to the \"administration area.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3727", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.valarsoft.com/index.php?page=home¬izie=¬ID=145#npos145", - "refsource" : "CONFIRM", - "url" : "http://www.valarsoft.com/index.php?page=home¬izie=¬ID=145#npos145" - }, - { - "name" : "24879", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24879" - }, - { - "name" : "36731", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36731" - }, - { - "name" : "ADV-2007-2465", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2465" - }, - { - "name" : "26019", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26019" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Webmatic before 2.7 have unknown impact and attack vectors, related to the \"administration area.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26019", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26019" + }, + { + "name": "24879", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24879" + }, + { + "name": "36731", + "refsource": "OSVDB", + "url": "http://osvdb.org/36731" + }, + { + "name": "http://www.valarsoft.com/index.php?page=home¬izie=¬ID=145#npos145", + "refsource": "CONFIRM", + "url": "http://www.valarsoft.com/index.php?page=home¬izie=¬ID=145#npos145" + }, + { + "name": "ADV-2007-2465", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2465" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3905.json b/2007/3xxx/CVE-2007-3905.json index 575cce3c510..0340fb51ae1 100644 --- a/2007/3xxx/CVE-2007-3905.json +++ b/2007/3xxx/CVE-2007-3905.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3905", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Zoph before 0.7.0.1 might allow remote attackers to execute arbitrary SQL commands via the _order parameter to (1) photos.php and (2) edit_photos.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3905", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=523104&group_id=69353", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=523104&group_id=69353" - }, - { - "name" : "DSA-1389", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1389" - }, - { - "name" : "24933", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24933" - }, - { - "name" : "26077", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26077" - }, - { - "name" : "27303", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27303" - }, - { - "name" : "zoph-photos-editphotos-sql-injection(35446)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35446" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Zoph before 0.7.0.1 might allow remote attackers to execute arbitrary SQL commands via the _order parameter to (1) photos.php and (2) edit_photos.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "zoph-photos-editphotos-sql-injection(35446)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35446" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=523104&group_id=69353", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=523104&group_id=69353" + }, + { + "name": "27303", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27303" + }, + { + "name": "24933", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24933" + }, + { + "name": "DSA-1389", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1389" + }, + { + "name": "26077", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26077" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4333.json b/2007/4xxx/CVE-2007-4333.json index c675154e40f..a1599812ece 100644 --- a/2007/4xxx/CVE-2007-4333.json +++ b/2007/4xxx/CVE-2007-4333.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4333", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in signup.php in Article Dashboard allow remote attackers to inject arbitrary web script or HTML via the (1) f_emailaddress, (2) f_reemailaddress, and other unspecified parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4333", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "25309", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25309" - }, - { - "name" : "36423", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36423" - }, - { - "name" : "26163", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26163" - }, - { - "name" : "article-signup-xss(35978)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35978" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in signup.php in Article Dashboard allow remote attackers to inject arbitrary web script or HTML via the (1) f_emailaddress, (2) f_reemailaddress, and other unspecified parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "article-signup-xss(35978)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35978" + }, + { + "name": "26163", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26163" + }, + { + "name": "25309", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25309" + }, + { + "name": "36423", + "refsource": "OSVDB", + "url": "http://osvdb.org/36423" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4369.json b/2007/4xxx/CVE-2007-4369.json index 2266fa42feb..220eda4bcec 100644 --- a/2007/4xxx/CVE-2007-4369.json +++ b/2007/4xxx/CVE-2007-4369.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4369", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in go/_files in SOTEeSKLEP before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4369", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070813 SOTEeSKLEP Remote File Disclosure Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476268/100/0/threaded" - }, - { - "name" : "20070814 Re: SOTEeSKLEP Remote File Disclosure Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476445/100/0/threaded" - }, - { - "name" : "4282", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4282" - }, - { - "name" : "25286", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25286" - }, - { - "name" : "26472", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26472" - }, - { - "name" : "soteesklep-file-information-disclosure(35973)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35973" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in go/_files in SOTEeSKLEP before 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "soteesklep-file-information-disclosure(35973)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35973" + }, + { + "name": "20070813 SOTEeSKLEP Remote File Disclosure Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476268/100/0/threaded" + }, + { + "name": "4282", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4282" + }, + { + "name": "20070814 Re: SOTEeSKLEP Remote File Disclosure Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476445/100/0/threaded" + }, + { + "name": "26472", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26472" + }, + { + "name": "25286", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25286" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6038.json b/2007/6xxx/CVE-2007-6038.json index ac259c6fe6d..ed36ea5201c 100644 --- a/2007/6xxx/CVE-2007-6038.json +++ b/2007/6xxx/CVE-2007-6038.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6038", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in xajax_functions.php in the JUser (com_juser) 1.0.14 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6038", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4636", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4636" - }, - { - "name" : "26499", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26499" - }, - { - "name" : "joomla-juser-xajaxfunctions-file-include(38555)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38555" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in xajax_functions.php in the JUser (com_juser) 1.0.14 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "joomla-juser-xajaxfunctions-file-include(38555)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38555" + }, + { + "name": "26499", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26499" + }, + { + "name": "4636", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4636" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6213.json b/2007/6xxx/CVE-2007-6213.json index c390d793b10..e3357cb11aa 100644 --- a/2007/6xxx/CVE-2007-6213.json +++ b/2007/6xxx/CVE-2007-6213.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6213", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) Root and (2) Path parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6213", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4677", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4677" - }, - { - "name" : "26640", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26640" - }, - { - "name" : "39699", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39699" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) Root and (2) Path parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26640", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26640" + }, + { + "name": "4677", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4677" + }, + { + "name": "39699", + "refsource": "OSVDB", + "url": "http://osvdb.org/39699" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6549.json b/2007/6xxx/CVE-2007-6549.json index 30d82f269dd..79fd887f19f 100644 --- a/2007/6xxx/CVE-2007-6549.json +++ b/2007/6xxx/CVE-2007-6549.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6549", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in RunCMS before 1.6.1 has unknown impact and attack vectors, related to \"pagetype using.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6549", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131", - "refsource" : "CONFIRM", - "url" : "http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131" - }, - { - "name" : "41252", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41252" - }, - { - "name" : "runcms-pagetype-unspecified(39299)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39299" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in RunCMS before 1.6.1 has unknown impact and attack vectors, related to \"pagetype using.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "41252", + "refsource": "OSVDB", + "url": "http://osvdb.org/41252" + }, + { + "name": "http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131", + "refsource": "CONFIRM", + "url": "http://www.runcms.org/modules/mydownloads/singlefile.php?lid=131" + }, + { + "name": "runcms-pagetype-unspecified(39299)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39299" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6714.json b/2007/6xxx/CVE-2007-6714.json index 4b3d0e5d206..478b6cc806c 100644 --- a/2007/6xxx/CVE-2007-6714.json +++ b/2007/6xxx/CVE-2007-6714.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6714", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6714", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[Dbmail-dev] 20071216 [DBMail 0000662]: Ability to bypass authentication.", - "refsource" : "MLIST", - "url" : "http://www.mail-archive.com/dbmail-dev@dbmail.org/msg09942.html" - }, - { - "name" : "http://dbmail.org/index.php?page=news&id=44", - "refsource" : "CONFIRM", - "url" : "http://dbmail.org/index.php?page=news&id=44" - }, - { - "name" : "FEDORA-2008-3333", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00549.html" - }, - { - "name" : "FEDORA-2008-3371", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00585.html" - }, - { - "name" : "GLSA-200804-24", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200804-24.xml" - }, - { - "name" : "28849", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28849" - }, - { - "name" : "ADV-2008-1321", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1321/references" - }, - { - "name" : "44561", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/44561" - }, - { - "name" : "1019914", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019914" - }, - { - "name" : "29903", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29903" - }, - { - "name" : "29937", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29937" - }, - { - "name" : "29984", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29984" - }, - { - "name" : "dbmail-authldap-security-bypass(41907)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41907" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login such as Active Directory, allows remote attackers to bypass authentication via an empty password, which causes the LDAP bind to indicate success based on anonymous authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200804-24", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200804-24.xml" + }, + { + "name": "28849", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28849" + }, + { + "name": "dbmail-authldap-security-bypass(41907)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41907" + }, + { + "name": "44561", + "refsource": "OSVDB", + "url": "http://osvdb.org/44561" + }, + { + "name": "29903", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29903" + }, + { + "name": "1019914", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019914" + }, + { + "name": "FEDORA-2008-3333", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00549.html" + }, + { + "name": "29984", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29984" + }, + { + "name": "ADV-2008-1321", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1321/references" + }, + { + "name": "FEDORA-2008-3371", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00585.html" + }, + { + "name": "29937", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29937" + }, + { + "name": "[Dbmail-dev] 20071216 [DBMail 0000662]: Ability to bypass authentication.", + "refsource": "MLIST", + "url": "http://www.mail-archive.com/dbmail-dev@dbmail.org/msg09942.html" + }, + { + "name": "http://dbmail.org/index.php?page=news&id=44", + "refsource": "CONFIRM", + "url": "http://dbmail.org/index.php?page=news&id=44" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1454.json b/2010/1xxx/CVE-2010-1454.json index 2889e09dc4e..a10d055e4c3 100644 --- a/2010/1xxx/CVE-2010-1454.json +++ b/2010/1xxx/CVE-2010-1454.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1454", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMware SpringSource tc Server Runtime 6.0.19 and 6.0.20 before 6.0.20.D, and 6.0.25.A before 6.0.25.A-SR01, does not properly enforce the requirement for an encrypted (aka s2enc) password, which allows remote attackers to obtain JMX interface access via a blank password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2010-1454", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100517 CVE-2010-1454: SpringSource tc Server unauthenticated remote access to JMX interface", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/511307/100/0/threaded" - }, - { - "name" : "http://www.springsource.com/security/cve-2010-1454", - "refsource" : "CONFIRM", - "url" : "http://www.springsource.com/security/cve-2010-1454" - }, - { - "name" : "40205", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40205" - }, - { - "name" : "39778", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39778" - }, - { - "name" : "tcserver-listener-security-bypass(58684)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/58684" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMware SpringSource tc Server Runtime 6.0.19 and 6.0.20 before 6.0.20.D, and 6.0.25.A before 6.0.25.A-SR01, does not properly enforce the requirement for an encrypted (aka s2enc) password, which allows remote attackers to obtain JMX interface access via a blank password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "tcserver-listener-security-bypass(58684)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58684" + }, + { + "name": "39778", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39778" + }, + { + "name": "http://www.springsource.com/security/cve-2010-1454", + "refsource": "CONFIRM", + "url": "http://www.springsource.com/security/cve-2010-1454" + }, + { + "name": "20100517 CVE-2010-1454: SpringSource tc Server unauthenticated remote access to JMX interface", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/511307/100/0/threaded" + }, + { + "name": "40205", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40205" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1827.json b/2010/1xxx/CVE-2010-1827.json index 7c5c783e323..b1ec99e110d 100644 --- a/2010/1xxx/CVE-2010-1827.json +++ b/2010/1xxx/CVE-2010-1827.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1827", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1827", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1938.json b/2010/1xxx/CVE-2010-1938.json index 31cade900ff..6bfb006ea64 100644 --- a/2010/1xxx/CVE-2010-1938.json +++ b/2010/1xxx/CVE-2010-1938.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1938", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1938", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20100527 libopie __readrec() off-by one (FreeBSD ftpd remote PoC)", - "refsource" : "SREASONRES", - "url" : "http://securityreason.com/achievement_securityalert/87" - }, - { - "name" : "12762", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/12762" - }, - { - "name" : "http://blog.pi3.com.pl/?p=111", - "refsource" : "MISC", - "url" : "http://blog.pi3.com.pl/?p=111" - }, - { - "name" : "http://site.pi3.com.pl/adv/libopie-adv.txt", - "refsource" : "MISC", - "url" : "http://site.pi3.com.pl/adv/libopie-adv.txt" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932" - }, - { - "name" : "DSA-2281", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2011/dsa-2281" - }, - { - "name" : "FreeBSD-SA-10:05", - "refsource" : "FREEBSD", - "url" : "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc" - }, - { - "name" : "40403", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40403" - }, - { - "name" : "1024040", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1024040" - }, - { - "name" : "1025709", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1025709" - }, - { - "name" : "39963", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39963" - }, - { - "name" : "39966", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39966" - }, - { - "name" : "45136", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/45136" - }, - { - "name" : "7450", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/7450" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long username, as demonstrated by a long USER command to the FreeBSD 8.0 ftpd." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blog.pi3.com.pl/?p=111", + "refsource": "MISC", + "url": "http://blog.pi3.com.pl/?p=111" + }, + { + "name": "7450", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/7450" + }, + { + "name": "40403", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40403" + }, + { + "name": "http://site.pi3.com.pl/adv/libopie-adv.txt", + "refsource": "MISC", + "url": "http://site.pi3.com.pl/adv/libopie-adv.txt" + }, + { + "name": "1024040", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1024040" + }, + { + "name": "DSA-2281", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2011/dsa-2281" + }, + { + "name": "FreeBSD-SA-10:05", + "refsource": "FREEBSD", + "url": "http://security.FreeBSD.org/advisories/FreeBSD-SA-10:05.opie.asc" + }, + { + "name": "39966", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39966" + }, + { + "name": "12762", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/12762" + }, + { + "name": "20100527 libopie __readrec() off-by one (FreeBSD ftpd remote PoC)", + "refsource": "SREASONRES", + "url": "http://securityreason.com/achievement_securityalert/87" + }, + { + "name": "1025709", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1025709" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584932" + }, + { + "name": "39963", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39963" + }, + { + "name": "45136", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/45136" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0758.json b/2014/0xxx/CVE-2014-0758.json index e067df5d0d6..f75ff977186 100644 --- a/2014/0xxx/CVE-2014-0758.json +++ b/2014/0xxx/CVE-2014-0758.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0758", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8.04, and 8.05 allows remote attackers to execute arbitrary programs via a crafted HTML document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2014-0758", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-051-01", - "refsource" : "MISC", - "url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-051-01" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8.04, and 8.05 allows remote attackers to execute arbitrary programs via a crafted HTML document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-051-01", + "refsource": "MISC", + "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-051-01" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0780.json b/2014/0xxx/CVE-2014-0780.json index 07ca76ea464..682f9fcc728 100644 --- a/2014/0xxx/CVE-2014-0780.json +++ b/2014/0xxx/CVE-2014-0780.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0780", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2014-0780", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "42699", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/42699/" - }, - { - "name" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-107-02", - "refsource" : "MISC", - "url" : "http://ics-cert.us-cert.gov/advisories/ICSA-14-107-02" - }, - { - "name" : "67056", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67056" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "42699", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/42699/" + }, + { + "name": "http://ics-cert.us-cert.gov/advisories/ICSA-14-107-02", + "refsource": "MISC", + "url": "http://ics-cert.us-cert.gov/advisories/ICSA-14-107-02" + }, + { + "name": "67056", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67056" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1432.json b/2014/1xxx/CVE-2014-1432.json index 57f06898e57..592068d6089 100644 --- a/2014/1xxx/CVE-2014-1432.json +++ b/2014/1xxx/CVE-2014-1432.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1432", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-1432", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1514.json b/2014/1xxx/CVE-2014-1514.json index fdce5946f20..35eeb3bcb96 100644 --- a/2014/1xxx/CVE-2014-1514.json +++ b/2014/1xxx/CVE-2014-1514.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1514", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2014-1514", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=983344", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=983344" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "DSA-2881", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2881" - }, - { - "name" : "DSA-2911", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2911" - }, - { - "name" : "GLSA-201504-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-01" - }, - { - "name" : "RHSA-2014:0310", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0310.html" - }, - { - "name" : "RHSA-2014:0316", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0316.html" - }, - { - "name" : "SUSE-SU-2014:0418", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html" - }, - { - "name" : "openSUSE-SU-2014:0419", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html" - }, - { - "name" : "openSUSE-SU-2014:0448", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html" - }, - { - "name" : "openSUSE-SU-2014:0584", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html" - }, - { - "name" : "USN-2151-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2151-1" - }, - { - "name" : "66240", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66240" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2014:0310", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0310.html" + }, + { + "name": "DSA-2911", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2911" + }, + { + "name": "GLSA-201504-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-01" + }, + { + "name": "SUSE-SU-2014:0418", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00016.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "USN-2151-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2151-1" + }, + { + "name": "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2014/mfsa2014-32.html" + }, + { + "name": "DSA-2881", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2881" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=983344", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=983344" + }, + { + "name": "66240", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66240" + }, + { + "name": "openSUSE-SU-2014:0419", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00017.html" + }, + { + "name": "RHSA-2014:0316", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0316.html" + }, + { + "name": "openSUSE-SU-2014:0584", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00016.html" + }, + { + "name": "openSUSE-SU-2014:0448", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00022.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5004.json b/2014/5xxx/CVE-2014-5004.json index be75dfc02e6..a5613f28210 100644 --- a/2014/5xxx/CVE-2014-5004.json +++ b/2014/5xxx/CVE-2014-5004.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5004", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "lib/brbackup.rb in the brbackup gem 0.1.1 for Ruby places the database password on the mysql command line, which allows local users to obtain sensitive information by listing the process." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5004", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140710 Vulnerabilities in Ruby Gem brbackup-0.1.1", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/07/10/6" - }, - { - "name" : "[oss-security] 20140717 Re: Vulnerability Report for Ruby Gem codders-dataset-1.3.2.1 (etc.)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/07/17/5" - }, - { - "name" : "http://www.vapid.dhs.org/advisories/brbackup-0.1.1.html", - "refsource" : "MISC", - "url" : "http://www.vapid.dhs.org/advisories/brbackup-0.1.1.html" - }, - { - "name" : "68506", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/68506" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "lib/brbackup.rb in the brbackup gem 0.1.1 for Ruby places the database password on the mysql command line, which allows local users to obtain sensitive information by listing the process." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20140717 Re: Vulnerability Report for Ruby Gem codders-dataset-1.3.2.1 (etc.)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/07/17/5" + }, + { + "name": "[oss-security] 20140710 Vulnerabilities in Ruby Gem brbackup-0.1.1", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/07/10/6" + }, + { + "name": "http://www.vapid.dhs.org/advisories/brbackup-0.1.1.html", + "refsource": "MISC", + "url": "http://www.vapid.dhs.org/advisories/brbackup-0.1.1.html" + }, + { + "name": "68506", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/68506" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5349.json b/2014/5xxx/CVE-2014-5349.json index 6207ee32c4a..e6c6b477f0d 100644 --- a/2014/5xxx/CVE-2014-5349.json +++ b/2014/5xxx/CVE-2014-5349.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5349", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print JavaScript function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5349", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "33951", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/33951" - }, - { - "name" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5190.php", - "refsource" : "MISC", - "url" : "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5190.php" - }, - { - "name" : "108605", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/show/osvdb/108605" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in Baidu Spark Browser 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) via nested calls to the window.print JavaScript function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5190.php", + "refsource": "MISC", + "url": "http://www.zeroscience.mk/en/vulnerabilities/ZSL-2014-5190.php" + }, + { + "name": "33951", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/33951" + }, + { + "name": "108605", + "refsource": "OSVDB", + "url": "http://osvdb.org/show/osvdb/108605" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5465.json b/2014/5xxx/CVE-2014-5465.json index c2d1091613d..f48e2ca44f3 100644 --- a/2014/5xxx/CVE-2014-5465.json +++ b/2014/5xxx/CVE-2014-5465.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5465", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5465", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "34436", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/34436" - }, - { - "name" : "http://packetstormsecurity.com/files/128024/WordPress-ShortCode-1.1-Local-File-Inclusion.html", - "refsource" : "CONFIRM", - "url" : "http://packetstormsecurity.com/files/128024/WordPress-ShortCode-1.1-Local-File-Inclusion.html" - }, - { - "name" : "http://wordpress.org/plugins/download-shortcode/changelog/", - "refsource" : "CONFIRM", - "url" : "http://wordpress.org/plugins/download-shortcode/changelog/" - }, - { - "name" : "http://wordpress.org/support/topic/plugin-download-shortcode-security-issue", - "refsource" : "CONFIRM", - "url" : "http://wordpress.org/support/topic/plugin-download-shortcode-security-issue" - }, - { - "name" : "http://wordpress.org/support/topic/vulnerability-5", - "refsource" : "CONFIRM", - "url" : "http://wordpress.org/support/topic/vulnerability-5" - }, - { - "name" : "69440", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/69440" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34436", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/34436" + }, + { + "name": "69440", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/69440" + }, + { + "name": "http://wordpress.org/support/topic/vulnerability-5", + "refsource": "CONFIRM", + "url": "http://wordpress.org/support/topic/vulnerability-5" + }, + { + "name": "http://packetstormsecurity.com/files/128024/WordPress-ShortCode-1.1-Local-File-Inclusion.html", + "refsource": "CONFIRM", + "url": "http://packetstormsecurity.com/files/128024/WordPress-ShortCode-1.1-Local-File-Inclusion.html" + }, + { + "name": "http://wordpress.org/plugins/download-shortcode/changelog/", + "refsource": "CONFIRM", + "url": "http://wordpress.org/plugins/download-shortcode/changelog/" + }, + { + "name": "http://wordpress.org/support/topic/plugin-download-shortcode-security-issue", + "refsource": "CONFIRM", + "url": "http://wordpress.org/support/topic/plugin-download-shortcode-security-issue" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5521.json b/2014/5xxx/CVE-2014-5521.json index b3007a826af..b6d148d8219 100644 --- a/2014/5xxx/CVE-2014-5521.json +++ b/2014/5xxx/CVE-2014-5521.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5521", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to execute arbitrary code via shell metacharacters in the username parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5521", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "34452", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/34452" - }, - { - "name" : "20140827 XRMS SQLi to RCE 0day", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2014/Aug/78" - }, - { - "name" : "[oss-security] 20140827 XRMS SQLi to RCE 0day", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/08/27/4" - }, - { - "name" : "[oss-security] 20140829 Re: XRMS SQLi to RCE 0day", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/08/29/1" - }, - { - "name" : "http://packetstormsecurity.com/files/128030/XRMS-Blind-SQL-Injection-Command-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/128030/XRMS-Blind-SQL-Injection-Command-Execution.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "plugins/useradmin/fingeruser.php in XRMS CRM, possibly 1.99.2, allows remote authenticated users to execute arbitrary code via shell metacharacters in the username parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/128030/XRMS-Blind-SQL-Injection-Command-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/128030/XRMS-Blind-SQL-Injection-Command-Execution.html" + }, + { + "name": "20140827 XRMS SQLi to RCE 0day", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2014/Aug/78" + }, + { + "name": "[oss-security] 20140827 XRMS SQLi to RCE 0day", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/08/27/4" + }, + { + "name": "[oss-security] 20140829 Re: XRMS SQLi to RCE 0day", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/08/29/1" + }, + { + "name": "34452", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/34452" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5949.json b/2014/5xxx/CVE-2014-5949.json index f4472545889..8b23bda6296 100644 --- a/2014/5xxx/CVE-2014-5949.json +++ b/2014/5xxx/CVE-2014-5949.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5949", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The TICKET APP - Concerts & Sports (aka com.xcr.android.ticketapp) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5949", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#486665", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/486665" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The TICKET APP - Concerts & Sports (aka com.xcr.android.ticketapp) application 3.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#486665", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/486665" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2151.json b/2015/2xxx/CVE-2015-2151.json index f867c72cb2e..785d33f6acc 100644 --- a/2015/2xxx/CVE-2015-2151.json +++ b/2015/2xxx/CVE-2015-2151.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2151", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2151", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xenbits.xen.org/xsa/advisory-123.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-123.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "http://support.citrix.com/article/CTX200484", - "refsource" : "CONFIRM", - "url" : "http://support.citrix.com/article/CTX200484" - }, - { - "name" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-423503.htm", - "refsource" : "CONFIRM", - "url" : "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-423503.htm" - }, - { - "name" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761", - "refsource" : "CONFIRM", - "url" : "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761" - }, - { - "name" : "DSA-3181", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3181" - }, - { - "name" : "FEDORA-2015-3721", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html" - }, - { - "name" : "FEDORA-2015-3935", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html" - }, - { - "name" : "FEDORA-2015-3944", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html" - }, - { - "name" : "GLSA-201604-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-03" - }, - { - "name" : "openSUSE-SU-2015:0732", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html" - }, - { - "name" : "73015", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73015" - }, - { - "name" : "1031903", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031903" - }, - { - "name" : "1031806", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031806" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a denial of service (memory corruption), or possibly execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-423503.htm", + "refsource": "CONFIRM", + "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-423503.htm" + }, + { + "name": "http://support.citrix.com/article/CTX200484", + "refsource": "CONFIRM", + "url": "http://support.citrix.com/article/CTX200484" + }, + { + "name": "FEDORA-2015-3944", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152776.html" + }, + { + "name": "FEDORA-2015-3721", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152588.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "http://xenbits.xen.org/xsa/advisory-123.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-123.html" + }, + { + "name": "1031903", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031903" + }, + { + "name": "DSA-3181", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3181" + }, + { + "name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761", + "refsource": "CONFIRM", + "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761" + }, + { + "name": "FEDORA-2015-3935", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152483.html" + }, + { + "name": "openSUSE-SU-2015:0732", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html" + }, + { + "name": "GLSA-201604-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-03" + }, + { + "name": "73015", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73015" + }, + { + "name": "1031806", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031806" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2196.json b/2015/2xxx/CVE-2015-2196.json index a5e4e2791b8..bb2e62e39e8 100644 --- a/2015/2xxx/CVE-2015-2196.json +++ b/2015/2xxx/CVE-2015-2196.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2196", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2196", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "36061", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/36061" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Spider Event Calendar 1.4.9 for WordPress allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36061", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/36061" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10079.json b/2016/10xxx/CVE-2016-10079.json index 61b0bca1fda..c1f614230a5 100644 --- a/2016/10xxx/CVE-2016-10079.json +++ b/2016/10xxx/CVE-2016-10079.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10079", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability (service crash) with a long string to TCP port 515." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10079", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "41030", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/41030/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability (service crash) with a long string to TCP port 515." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "41030", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/41030/" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10277.json b/2016/10xxx/CVE-2016-10277.json index 07d31fb931f..172024b6188 100644 --- a/2016/10xxx/CVE-2016-10277.json +++ b/2016/10xxx/CVE-2016-10277.json @@ -1,75 +1,75 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-10277", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Kernel-3.10" - }, - { - "version_value" : "Kernel-3.18" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33840490." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-10277", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Kernel-3.10" + }, + { + "version_value": "Kernel-3.18" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "42601", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/42601/" - }, - { - "name" : "https://source.android.com/security/bulletin/2017-05-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-05-01" - }, - { - "name" : "98149", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/98149" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in the Motorola bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-33840490." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-05-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-05-01" + }, + { + "name": "98149", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/98149" + }, + { + "name": "42601", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/42601/" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4809.json b/2016/4xxx/CVE-2016-4809.json index 852b56461e9..163e9d1b73e 100644 --- a/2016/4xxx/CVE-2016-4809.json +++ b/2016/4xxx/CVE-2016-4809.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4809", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4809", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1347084", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1347084" - }, - { - "name" : "https://github.com/libarchive/libarchive/commit/fd7e0c02", - "refsource" : "CONFIRM", - "url" : "https://github.com/libarchive/libarchive/commit/fd7e0c02" - }, - { - "name" : "https://github.com/libarchive/libarchive/issues/705", - "refsource" : "CONFIRM", - "url" : "https://github.com/libarchive/libarchive/issues/705" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "DSA-3657", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3657" - }, - { - "name" : "GLSA-201701-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-03" - }, - { - "name" : "RHSA-2016:1844", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1844.html" - }, - { - "name" : "RHSA-2016:1850", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1850.html" - }, - { - "name" : "91813", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91813" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The archive_read_format_cpio_read_header function in archive_read_support_format_cpio.c in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a CPIO archive with a large symlink." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/libarchive/libarchive/commit/fd7e0c02", + "refsource": "CONFIRM", + "url": "https://github.com/libarchive/libarchive/commit/fd7e0c02" + }, + { + "name": "RHSA-2016:1844", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1844.html" + }, + { + "name": "https://github.com/libarchive/libarchive/issues/705", + "refsource": "CONFIRM", + "url": "https://github.com/libarchive/libarchive/issues/705" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "91813", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91813" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1347084", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1347084" + }, + { + "name": "RHSA-2016:1850", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1850.html" + }, + { + "name": "GLSA-201701-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-03" + }, + { + "name": "DSA-3657", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3657" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4985.json b/2016/4xxx/CVE-2016-4985.json index e0e76cefbbd..7c64159ec10 100644 --- a/2016/4xxx/CVE-2016-4985.json +++ b/2016/4xxx/CVE-2016-4985.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4985", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the v1/drivers/$DRIVER_NAME/vendor_passthru resource." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4985", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160621 Ironic node information including credentials exposed to unathenticated users", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/21/6" - }, - { - "name" : "https://bugs.launchpad.net/ironic/+bug/1572796", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/ironic/+bug/1572796" - }, - { - "name" : "https://review.openstack.org/332195", - "refsource" : "CONFIRM", - "url" : "https://review.openstack.org/332195" - }, - { - "name" : "https://review.openstack.org/332196", - "refsource" : "CONFIRM", - "url" : "https://review.openstack.org/332196" - }, - { - "name" : "https://review.openstack.org/332197", - "refsource" : "CONFIRM", - "url" : "https://review.openstack.org/332197" - }, - { - "name" : "RHSA-2016:1377", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1377" - }, - { - "name" : "RHSA-2016:1378", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1378" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the v1/drivers/$DRIVER_NAME/vendor_passthru resource." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://review.openstack.org/332197", + "refsource": "CONFIRM", + "url": "https://review.openstack.org/332197" + }, + { + "name": "https://bugs.launchpad.net/ironic/+bug/1572796", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/ironic/+bug/1572796" + }, + { + "name": "[oss-security] 20160621 Ironic node information including credentials exposed to unathenticated users", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/21/6" + }, + { + "name": "https://review.openstack.org/332195", + "refsource": "CONFIRM", + "url": "https://review.openstack.org/332195" + }, + { + "name": "RHSA-2016:1378", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1378" + }, + { + "name": "RHSA-2016:1377", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1377" + }, + { + "name": "https://review.openstack.org/332196", + "refsource": "CONFIRM", + "url": "https://review.openstack.org/332196" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8449.json b/2016/8xxx/CVE-2016-8449.json index 9518986906e..337d6edc5c7 100644 --- a/2016/8xxx/CVE-2016-8449.json +++ b/2016/8xxx/CVE-2016-8449.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-8449", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Kernel-3.10" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31798848. References: N-CVE-2016-8449." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-8449", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Kernel-3.10" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-01-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-01-01.html" - }, - { - "name" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", - "refsource" : "CONFIRM", - "url" : "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" - }, - { - "name" : "95262", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95262" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31798848. References: N-CVE-2016-8449." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-01-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-01-01.html" + }, + { + "name": "95262", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95262" + }, + { + "name": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561", + "refsource": "CONFIRM", + "url": "http://nvidia.custhelp.com/app/answers/detail/a_id/4561" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8540.json b/2016/8xxx/CVE-2016-8540.json index ba0d58152ae..71a26b5cda4 100644 --- a/2016/8xxx/CVE-2016-8540.json +++ b/2016/8xxx/CVE-2016-8540.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8540", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-8540", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8911.json b/2016/8xxx/CVE-2016-8911.json index 65df43543f0..caa386da04f 100644 --- a/2016/8xxx/CVE-2016-8911.json +++ b/2016/8xxx/CVE-2016-8911.json @@ -1,91 +1,91 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-8911", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Kenexa LMS on Cloud", - "version" : { - "version_data" : [ - { - "version_value" : "13.0" - }, - { - "version_value" : "13.1" - }, - { - "version_value" : "13.2" - }, - { - "version_value" : "13.2.2" - }, - { - "version_value" : "13.2.3" - }, - { - "version_value" : "13.2.4" - }, - { - "version_value" : "14.0.0" - }, - { - "version_value" : "14.1.0" - }, - { - "version_value" : "14.2.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Access" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-8911", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Kenexa LMS on Cloud", + "version": { + "version_data": [ + { + "version_value": "13.0" + }, + { + "version_value": "13.1" + }, + { + "version_value": "13.2" + }, + { + "version_value": "13.2.2" + }, + { + "version_value": "13.2.3" + }, + { + "version_value": "13.2.4" + }, + { + "version_value": "14.0.0" + }, + { + "version_value": "14.1.0" + }, + { + "version_value": "14.2.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21993982", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21993982" - }, - { - "name" : "94325", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94325" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Access" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94325", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94325" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21993982", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21993982" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9005.json b/2016/9xxx/CVE-2016-9005.json index 4aa5d1a627d..c51121e0ad4 100644 --- a/2016/9xxx/CVE-2016-9005.json +++ b/2016/9xxx/CVE-2016-9005.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-9005", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "System Storage", - "version" : { - "version_data" : [ - { - "version_value" : "TS3100-TS3200" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the company network, to change a user's password and gain remote access to the system." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Access" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-9005", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "System Storage", + "version": { + "version_data": [ + { + "version_value": "TS3100-TS3200" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1009656", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=ssg1S1009656" - }, - { - "name" : "95436", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95436" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the company network, to change a user's password and gain remote access to the system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Access" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=ssg1S1009656", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=ssg1S1009656" + }, + { + "name": "95436", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95436" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9647.json b/2016/9xxx/CVE-2016-9647.json index bcdc35e6204..ede8a7572a0 100644 --- a/2016/9xxx/CVE-2016-9647.json +++ b/2016/9xxx/CVE-2016-9647.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9647", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9647", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9998.json b/2016/9xxx/CVE-2016-9998.json index 654aba2ba4d..2f84ca7dae4 100644 --- a/2016/9xxx/CVE-2016-9998.json +++ b/2016/9xxx/CVE-2016-9998.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9998", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/info_plugin.php involving the `$plugin` parameter, as demonstrated by a /ecrire/?exec=info_plugin URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9998", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://core.spip.net/projects/spip/repository/revisions/23288", - "refsource" : "CONFIRM", - "url" : "https://core.spip.net/projects/spip/repository/revisions/23288" - }, - { - "name" : "95008", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95008" - }, - { - "name" : "1037486", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037486" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SPIP 3.1.x suffer from a Reflected Cross Site Scripting Vulnerability in /ecrire/exec/info_plugin.php involving the `$plugin` parameter, as demonstrated by a /ecrire/?exec=info_plugin URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95008", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95008" + }, + { + "name": "https://core.spip.net/projects/spip/repository/revisions/23288", + "refsource": "CONFIRM", + "url": "https://core.spip.net/projects/spip/repository/revisions/23288" + }, + { + "name": "1037486", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037486" + } + ] + } +} \ No newline at end of file diff --git a/2019/1003xxx/CVE-2019-1003030.json b/2019/1003xxx/CVE-2019-1003030.json index e2e5982e9ee..eddaca7583c 100644 --- a/2019/1003xxx/CVE-2019-1003030.json +++ b/2019/1003xxx/CVE-2019-1003030.json @@ -1,64 +1,64 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2019-03-06T22:44:37.384525", - "ID" : "CVE-2019-1003030", - "REQUESTER" : "ml@beckweb.net", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Jenkins Pipeline: Groovy Plugin", - "version" : { - "version_data" : [ - { - "version_value" : "2.63 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Jenkins project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-693" - } + "CVE_data_meta": { + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "DATE_ASSIGNED": "2019-03-06T22:44:37.384525", + "ID": "CVE-2019-1003030", + "REQUESTER": "ml@beckweb.net", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Jenkins Pipeline: Groovy Plugin", + "version": { + "version_data": [ + { + "version_value": "2.63 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Jenkins project" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20(2)", - "refsource" : "CONFIRM", - "url" : "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20(2)" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-693" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20(2)", + "refsource": "CONFIRM", + "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1336%20(2)" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2275.json b/2019/2xxx/CVE-2019-2275.json index e15098465fa..183cadab11e 100644 --- a/2019/2xxx/CVE-2019-2275.json +++ b/2019/2xxx/CVE-2019-2275.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2275", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2275", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2543.json b/2019/2xxx/CVE-2019-2543.json index aa6c4f258b6..42ee65cfdad 100644 --- a/2019/2xxx/CVE-2019-2543.json +++ b/2019/2xxx/CVE-2019-2543.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2019-2543", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Solaris Operating System", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "10" - }, - { - "version_affected" : "=", - "version_value" : "11" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via KSSL to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via KSSL to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2019-2543", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Solaris Operating System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10" + }, + { + "version_affected": "=", + "version_value": "11" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "106589", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106589" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via KSSL to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via KSSL to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "name": "106589", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106589" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2880.json b/2019/2xxx/CVE-2019-2880.json index d3f8949876a..ae74dfb8ffe 100644 --- a/2019/2xxx/CVE-2019-2880.json +++ b/2019/2xxx/CVE-2019-2880.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2880", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2880", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3511.json b/2019/3xxx/CVE-2019-3511.json index 00df17c69de..f81fcc520f7 100644 --- a/2019/3xxx/CVE-2019-3511.json +++ b/2019/3xxx/CVE-2019-3511.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3511", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3511", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6289.json b/2019/6xxx/CVE-2019-6289.json index 1f270fd52bd..c66ce5e900e 100644 --- a/2019/6xxx/CVE-2019-6289.json +++ b/2019/6xxx/CVE-2019-6289.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6289", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variation of the .php extension, as demonstrated by the 1.pHP filename." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6289", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://laolisafe.com/dedecms/", - "refsource" : "MISC", - "url" : "https://laolisafe.com/dedecms/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variation of the .php extension, as demonstrated by the 1.pHP filename." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://laolisafe.com/dedecms/", + "refsource": "MISC", + "url": "https://laolisafe.com/dedecms/" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6578.json b/2019/6xxx/CVE-2019-6578.json index a664d2677d0..88adbe62456 100644 --- a/2019/6xxx/CVE-2019-6578.json +++ b/2019/6xxx/CVE-2019-6578.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6578", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6578", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6907.json b/2019/6xxx/CVE-2019-6907.json index 09c1945ae3e..db4e9c8f492 100644 --- a/2019/6xxx/CVE-2019-6907.json +++ b/2019/6xxx/CVE-2019-6907.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6907", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6907", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7845.json b/2019/7xxx/CVE-2019-7845.json index c5cb35c1097..10e6b9e87be 100644 --- a/2019/7xxx/CVE-2019-7845.json +++ b/2019/7xxx/CVE-2019-7845.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7845", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7845", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7875.json b/2019/7xxx/CVE-2019-7875.json index f52c3b14327..c75f61c2d94 100644 --- a/2019/7xxx/CVE-2019-7875.json +++ b/2019/7xxx/CVE-2019-7875.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7875", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7875", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7981.json b/2019/7xxx/CVE-2019-7981.json index ed4568f0d18..d632ca09f3d 100644 --- a/2019/7xxx/CVE-2019-7981.json +++ b/2019/7xxx/CVE-2019-7981.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7981", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7981", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file