From e228bbc3755da1274ed88d2602007a5ddd50938f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 03:13:55 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0185.json | 120 ++++++++--------- 1999/0xxx/CVE-1999-0660.json | 34 ++--- 1999/1xxx/CVE-1999-1372.json | 120 ++++++++--------- 2007/0xxx/CVE-2007-0210.json | 190 +++++++++++++------------- 2007/0xxx/CVE-2007-0509.json | 170 ++++++++++++------------ 2007/0xxx/CVE-2007-0539.json | 140 ++++++++++---------- 2007/0xxx/CVE-2007-0563.json | 190 +++++++++++++------------- 2007/1xxx/CVE-2007-1150.json | 150 ++++++++++----------- 2007/1xxx/CVE-2007-1204.json | 210 ++++++++++++++--------------- 2007/1xxx/CVE-2007-1365.json | 210 ++++++++++++++--------------- 2007/1xxx/CVE-2007-1690.json | 170 ++++++++++++------------ 2007/1xxx/CVE-2007-1791.json | 150 ++++++++++----------- 2007/5xxx/CVE-2007-5649.json | 160 +++++++++++----------- 2007/5xxx/CVE-2007-5912.json | 120 ++++++++--------- 2007/5xxx/CVE-2007-5972.json | 240 ++++++++++++++++----------------- 2015/3xxx/CVE-2015-3597.json | 34 ++--- 2015/3xxx/CVE-2015-3782.json | 170 ++++++++++++------------ 2015/3xxx/CVE-2015-3992.json | 34 ++--- 2015/6xxx/CVE-2015-6371.json | 120 ++++++++--------- 2015/7xxx/CVE-2015-7034.json | 140 ++++++++++---------- 2015/7xxx/CVE-2015-7093.json | 140 ++++++++++---------- 2015/7xxx/CVE-2015-7306.json | 130 +++++++++--------- 2015/7xxx/CVE-2015-7579.json | 200 ++++++++++++++-------------- 2015/7xxx/CVE-2015-7885.json | 250 +++++++++++++++++------------------ 2015/7xxx/CVE-2015-7930.json | 130 +++++++++--------- 2015/8xxx/CVE-2015-8207.json | 34 ++--- 2015/8xxx/CVE-2015-8240.json | 130 +++++++++--------- 2015/8xxx/CVE-2015-8484.json | 140 ++++++++++---------- 2015/8xxx/CVE-2015-8772.json | 130 +++++++++--------- 2015/8xxx/CVE-2015-8936.json | 160 +++++++++++----------- 2016/0xxx/CVE-2016-0551.json | 130 +++++++++--------- 2016/0xxx/CVE-2016-0625.json | 34 ++--- 2016/0xxx/CVE-2016-0653.json | 130 +++++++++--------- 2016/1xxx/CVE-2016-1525.json | 190 +++++++++++++------------- 2016/1xxx/CVE-2016-1569.json | 160 +++++++++++----------- 2016/5xxx/CVE-2016-5208.json | 160 +++++++++++----------- 2016/5xxx/CVE-2016-5396.json | 140 ++++++++++---------- 2016/5xxx/CVE-2016-5644.json | 34 ++--- 2016/5xxx/CVE-2016-5710.json | 34 ++--- 2016/5xxx/CVE-2016-5848.json | 140 ++++++++++---------- 2018/2xxx/CVE-2018-2110.json | 34 ++--- 2019/0xxx/CVE-2019-0311.json | 34 ++--- 2019/0xxx/CVE-2019-0513.json | 34 ++--- 2019/0xxx/CVE-2019-0668.json | 136 +++++++++---------- 2019/0xxx/CVE-2019-0735.json | 34 ++--- 2019/0xxx/CVE-2019-0854.json | 34 ++--- 2019/1xxx/CVE-2019-1002.json | 34 ++--- 2019/1xxx/CVE-2019-1282.json | 34 ++--- 2019/1xxx/CVE-2019-1542.json | 34 ++--- 2019/1xxx/CVE-2019-1771.json | 34 ++--- 2019/1xxx/CVE-2019-1964.json | 34 ++--- 2019/4xxx/CVE-2019-4107.json | 34 ++--- 2019/4xxx/CVE-2019-4273.json | 34 ++--- 2019/4xxx/CVE-2019-4318.json | 34 ++--- 2019/4xxx/CVE-2019-4754.json | 34 ++--- 2019/5xxx/CVE-2019-5703.json | 34 ++--- 2019/5xxx/CVE-2019-5717.json | 160 +++++++++++----------- 2019/5xxx/CVE-2019-5834.json | 34 ++--- 2019/8xxx/CVE-2019-8082.json | 34 ++--- 2019/8xxx/CVE-2019-8436.json | 120 ++++++++--------- 2019/9xxx/CVE-2019-9078.json | 120 ++++++++--------- 2019/9xxx/CVE-2019-9232.json | 34 ++--- 62 files changed, 3308 insertions(+), 3308 deletions(-) diff --git a/1999/0xxx/CVE-1999-0185.json b/1999/0xxx/CVE-1999-0185.json index d160ed82c69..46dd760a0b1 100644 --- a/1999/0xxx/CVE-1999-0185.json +++ b/1999/0xxx/CVE-1999-0185.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0185", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0185", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "00156", - "refsource" : "SUN", - "url" : "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/156" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "00156", + "refsource": "SUN", + "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&doc=secbull/156" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0660.json b/1999/0xxx/CVE-1999-0660.json index 602d5fd2230..3862dffed8f 100644 --- a/1999/0xxx/CVE-1999-0660.json +++ b/1999/0xxx/CVE-1999-0660.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0660", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE. It might be more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"A hacker utility, back door, or Trojan Horse is installed on a system, e.g. NetBus, Back Orifice, Rootkit, etc.\"" - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-1999-0660", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is not about any specific product, protocol, or design, so it is out of scope of CVE. It might be more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"A hacker utility, back door, or Trojan Horse is installed on a system, e.g. NetBus, Back Orifice, Rootkit, etc.\"" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1372.json b/1999/1xxx/CVE-1999-1372.json index ebbdedf2a00..460e67563ce 100644 --- a/1999/1xxx/CVE-1999-1372.json +++ b/1999/1xxx/CVE-1999-1372.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1372", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Triactive Remote Manager with Basic authentication enabled stores the username and password in cleartext in registry keys, which could allow local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1372", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990219 Plaintext Password in Tractive's Remote Manager Software", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=91966339502073&w=2" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Triactive Remote Manager with Basic authentication enabled stores the username and password in cleartext in registry keys, which could allow local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19990219 Plaintext Password in Tractive's Remote Manager Software", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=91966339502073&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0210.json b/2007/0xxx/CVE-2007-0210.json index 1824c384b0b..c2771cc92af 100644 --- a/2007/0xxx/CVE-2007-0210.json +++ b/2007/0xxx/CVE-2007-0210.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0210", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Window Image Acquisition (WIA) Service in Microsoft Windows XP SP2 allows local users to gain privileges via unspecified vectors involving an \"unchecked buffer,\" probably a buffer overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-0210", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS07-007", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-007" - }, - { - "name" : "TA07-044A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-044A.html" - }, - { - "name" : "22499", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22499" - }, - { - "name" : "ADV-2007-0576", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0576" - }, - { - "name" : "31889", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/31889" - }, - { - "name" : "oval:org.mitre.oval:def:186", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A186" - }, - { - "name" : "1017634", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017634" - }, - { - "name" : "24132", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24132" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Window Image Acquisition (WIA) Service in Microsoft Windows XP SP2 allows local users to gain privileges via unspecified vectors involving an \"unchecked buffer,\" probably a buffer overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS07-007", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-007" + }, + { + "name": "24132", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24132" + }, + { + "name": "31889", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/31889" + }, + { + "name": "ADV-2007-0576", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0576" + }, + { + "name": "TA07-044A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html" + }, + { + "name": "oval:org.mitre.oval:def:186", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A186" + }, + { + "name": "22499", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22499" + }, + { + "name": "1017634", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017634" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0509.json b/2007/0xxx/CVE-2007-0509.json index 9b3a8eb3510..933dd5cdfd8 100644 --- a/2007/0xxx/CVE-2007-0509.json +++ b/2007/0xxx/CVE-2007-0509.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0509", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in MaklerPlus before 1.2 have unknown impact and attack vectors, possibly relating to cross-site scripting (XSS) in the slogan parameter in main.tpl, or information leaks in error messages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0509", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=479940", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=479940" - }, - { - "name" : "22206", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22206" - }, - { - "name" : "ADV-2007-0321", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0321" - }, - { - "name" : "32950", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32950" - }, - { - "name" : "23864", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23864" - }, - { - "name" : "maklerplus-multiple-unspecified(31734)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31734" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in MaklerPlus before 1.2 have unknown impact and attack vectors, possibly relating to cross-site scripting (XSS) in the slogan parameter in main.tpl, or information leaks in error messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=479940", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=479940" + }, + { + "name": "maklerplus-multiple-unspecified(31734)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31734" + }, + { + "name": "22206", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22206" + }, + { + "name": "ADV-2007-0321", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0321" + }, + { + "name": "23864", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23864" + }, + { + "name": "32950", + "refsource": "OSVDB", + "url": "http://osvdb.org/32950" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0539.json b/2007/0xxx/CVE-2007-0539.json index ea945868ce7..380993e9264 100644 --- a/2007/0xxx/CVE-2007-0539.json +++ b/2007/0xxx/CVE-2007-0539.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0539", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The wp_remote_fopen function in WordPress before 2.1 allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0539", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070124 Multiple Remote Vulnerabilities in Wordpress", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458003/100/0/threaded" - }, - { - "name" : "20070124 Weaknesses in Pingback Design", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457996/100/0/threaded" - }, - { - "name" : "2191", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2191" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The wp_remote_fopen function in WordPress before 2.1 allows remote attackers to cause a denial of service (bandwidth or thread consumption) via pingback service calls with a source URI that corresponds to a large file, which triggers a long download session without a timeout constraint." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070124 Multiple Remote Vulnerabilities in Wordpress", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458003/100/0/threaded" + }, + { + "name": "20070124 Weaknesses in Pingback Design", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457996/100/0/threaded" + }, + { + "name": "2191", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2191" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0563.json b/2007/0xxx/CVE-2007-0563.json index 92d9011cb5e..09566c83b07 100644 --- a/2007/0xxx/CVE-2007-0563.json +++ b/2007/0xxx/CVE-2007-0563.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0563", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Symantec Web Security (SWS) before 3.0.1.85 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) error messages and (2) blocked page messages produced by SWS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0563", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://securityresponse.symantec.com/avcenter/security/Content/2007.01.24c.html", - "refsource" : "CONFIRM", - "url" : "http://securityresponse.symantec.com/avcenter/security/Content/2007.01.24c.html" - }, - { - "name" : "22184", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22184" - }, - { - "name" : "ADV-2007-0330", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0330" - }, - { - "name" : "32960", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32960" - }, - { - "name" : "32961", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32961" - }, - { - "name" : "1017558", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017558" - }, - { - "name" : "23896", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23896" - }, - { - "name" : "symantec-html-xss(31750)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31750" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Symantec Web Security (SWS) before 3.0.1.85 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) error messages and (2) blocked page messages produced by SWS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://securityresponse.symantec.com/avcenter/security/Content/2007.01.24c.html", + "refsource": "CONFIRM", + "url": "http://securityresponse.symantec.com/avcenter/security/Content/2007.01.24c.html" + }, + { + "name": "ADV-2007-0330", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0330" + }, + { + "name": "23896", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23896" + }, + { + "name": "32960", + "refsource": "OSVDB", + "url": "http://osvdb.org/32960" + }, + { + "name": "1017558", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017558" + }, + { + "name": "symantec-html-xss(31750)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31750" + }, + { + "name": "32961", + "refsource": "OSVDB", + "url": "http://osvdb.org/32961" + }, + { + "name": "22184", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22184" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1150.json b/2007/1xxx/CVE-2007-1150.json index b478d473c77..f8bf570c919 100644 --- a/2007/1xxx/CVE-2007-1150.json +++ b/2007/1xxx/CVE-2007-1150.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1150", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in LoveCMS 1.4 allows remote authenticated administrators to upload arbitrary files to /modules/content/pictures/tmp/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1150", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070222 LoveCMS 1.4 multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460917/100/0/threaded" - }, - { - "name" : "22675", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22675" - }, - { - "name" : "33519", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33519" - }, - { - "name" : "2338", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2338" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in LoveCMS 1.4 allows remote authenticated administrators to upload arbitrary files to /modules/content/pictures/tmp/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2338", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2338" + }, + { + "name": "33519", + "refsource": "OSVDB", + "url": "http://osvdb.org/33519" + }, + { + "name": "22675", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22675" + }, + { + "name": "20070222 LoveCMS 1.4 multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460917/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1204.json b/2007/1xxx/CVE-2007-1204.json index fe725270509..a92b2a83f30 100644 --- a/2007/1xxx/CVE-2007-1204.json +++ b/2007/1xxx/CVE-2007-1204.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1204", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-1204", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070410 Microsoft Windows Universal Plug and Play Memory Corruption Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=509" - }, - { - "name" : "HPSBST02208", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/466331/100/200/threaded" - }, - { - "name" : "SSRT071365", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/466331/100/200/threaded" - }, - { - "name" : "MS07-019", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-019" - }, - { - "name" : "23371", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23371" - }, - { - "name" : "ADV-2007-1323", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1323" - }, - { - "name" : "34010", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34010" - }, - { - "name" : "oval:org.mitre.oval:def:2049", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2049" - }, - { - "name" : "1017895", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017895" - }, - { - "name" : "24822", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24822" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in Microsoft Windows XP SP2 allows remote attackers on the same subnet to execute arbitrary code via crafted HTTP headers in request or notification messages, which trigger memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017895", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017895" + }, + { + "name": "HPSBST02208", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded" + }, + { + "name": "ADV-2007-1323", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1323" + }, + { + "name": "24822", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24822" + }, + { + "name": "oval:org.mitre.oval:def:2049", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2049" + }, + { + "name": "20070410 Microsoft Windows Universal Plug and Play Memory Corruption Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=509" + }, + { + "name": "34010", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34010" + }, + { + "name": "MS07-019", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-019" + }, + { + "name": "SSRT071365", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/466331/100/200/threaded" + }, + { + "name": "23371", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23371" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1365.json b/2007/1xxx/CVE-2007-1365.json index dc9ae952043..d0ace0083e4 100644 --- a/2007/1xxx/CVE-2007-1365.json +++ b/2007/1xxx/CVE-2007-1365.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1365", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to \"incorrect mbuf handling for ICMP6 packets.\" NOTE: this was originally reported as a denial of service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1365", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[source-changes] 20070226 CVS: cvs.openbsd.org: src", - "refsource" : "MLIST", - "url" : "http://marc.info/?l=openbsd-cvs&m=117252151023868&w=2" - }, - { - "name" : "http://www.coresecurity.com/?action=item&id=1703", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/?action=item&id=1703" - }, - { - "name" : "[3.9] 020: SECURITY FIX: March 7, 2007", - "refsource" : "OPENBSD", - "url" : "http://www.openbsd.org/errata39.html#m_dup1" - }, - { - "name" : "[4.0] 010: SECURITY FIX: March 7, 2007", - "refsource" : "OPENBSD", - "url" : "http://www.openbsd.org/errata40.html#m_dup1" - }, - { - "name" : "VU#986425", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/986425" - }, - { - "name" : "22901", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22901" - }, - { - "name" : "33050", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/33050" - }, - { - "name" : "1017735", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017735" - }, - { - "name" : "1017744", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017744" - }, - { - "name" : "24490", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24490" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in kern/uipc_mbuf2.c in OpenBSD 3.9 and 4.0 allows remote attackers to execute arbitrary code via fragmented IPv6 packets due to \"incorrect mbuf handling for ICMP6 packets.\" NOTE: this was originally reported as a denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#986425", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/986425" + }, + { + "name": "1017735", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017735" + }, + { + "name": "[source-changes] 20070226 CVS: cvs.openbsd.org: src", + "refsource": "MLIST", + "url": "http://marc.info/?l=openbsd-cvs&m=117252151023868&w=2" + }, + { + "name": "http://www.coresecurity.com/?action=item&id=1703", + "refsource": "MISC", + "url": "http://www.coresecurity.com/?action=item&id=1703" + }, + { + "name": "33050", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/33050" + }, + { + "name": "[4.0] 010: SECURITY FIX: March 7, 2007", + "refsource": "OPENBSD", + "url": "http://www.openbsd.org/errata40.html#m_dup1" + }, + { + "name": "1017744", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017744" + }, + { + "name": "[3.9] 020: SECURITY FIX: March 7, 2007", + "refsource": "OPENBSD", + "url": "http://www.openbsd.org/errata39.html#m_dup1" + }, + { + "name": "22901", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22901" + }, + { + "name": "24490", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24490" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1690.json b/2007/1xxx/CVE-2007-1690.json index dfd5a544af1..a39e71a5509 100644 --- a/2007/1xxx/CVE-2007-1690.json +++ b/2007/1xxx/CVE-2007-1690.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1690", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in Second Sight Software ActiveGS ActiveX control (ActiveGS.ocx) allow remote attackers to execute arbitrary code via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2007-1690", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#118737", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/118737" - }, - { - "name" : "23554", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23554" - }, - { - "name" : "ADV-2007-1454", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1454" - }, - { - "name" : "34326", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34326" - }, - { - "name" : "24960", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24960" - }, - { - "name" : "activegs-slot-bo(33759)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33759" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in Second Sight Software ActiveGS ActiveX control (ActiveGS.ocx) allow remote attackers to execute arbitrary code via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23554", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23554" + }, + { + "name": "34326", + "refsource": "OSVDB", + "url": "http://osvdb.org/34326" + }, + { + "name": "activegs-slot-bo(33759)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33759" + }, + { + "name": "ADV-2007-1454", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1454" + }, + { + "name": "VU#118737", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/118737" + }, + { + "name": "24960", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24960" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1791.json b/2007/1xxx/CVE-2007-1791.json index ced684a7d75..390faf56eb5 100644 --- a/2007/1xxx/CVE-2007-1791.json +++ b/2007/1xxx/CVE-2007-1791.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1791", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in wall.php in Picture-Engine 1.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1791", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3605", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3605" - }, - { - "name" : "23205", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23205" - }, - { - "name" : "34936", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34936" - }, - { - "name" : "pictureengine-wall-sql-injection(33325)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33325" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in wall.php in Picture-Engine 1.2.0 and earlier allows remote attackers to execute arbitrary SQL commands via the cat parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "pictureengine-wall-sql-injection(33325)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33325" + }, + { + "name": "23205", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23205" + }, + { + "name": "3605", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3605" + }, + { + "name": "34936", + "refsource": "OSVDB", + "url": "http://osvdb.org/34936" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5649.json b/2007/5xxx/CVE-2007-5649.json index b82a6ec58f6..e865fd06f4c 100644 --- a/2007/5xxx/CVE-2007-5649.json +++ b/2007/5xxx/CVE-2007-5649.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5649", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in lostpwd.php in Creative Digital Resources SocketMail 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the lost_id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5649", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/0710-exploits/socketmail-xss.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/0710-exploits/socketmail-xss.txt" - }, - { - "name" : "26138", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26138" - }, - { - "name" : "1018855", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018855" - }, - { - "name" : "27324", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27324" - }, - { - "name" : "socketmail-lostpwd-xss(37382)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37382" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in lostpwd.php in Creative Digital Resources SocketMail 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the lost_id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.org/0710-exploits/socketmail-xss.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/0710-exploits/socketmail-xss.txt" + }, + { + "name": "1018855", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018855" + }, + { + "name": "socketmail-lostpwd-xss(37382)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37382" + }, + { + "name": "27324", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27324" + }, + { + "name": "26138", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26138" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5912.json b/2007/5xxx/CVE-2007-5912.json index b099e5f7602..0e664ac366e 100644 --- a/2007/5xxx/CVE-2007-5912.json +++ b/2007/5xxx/CVE-2007-5912.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5912", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5912", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4611", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4611" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in mailer.php in jPORTAL 2 allows remote attackers to execute arbitrary SQL commands via the to parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4611", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4611" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5972.json b/2007/5xxx/CVE-2007-5972.json index 7c82744d601..f748951513e 100644 --- a/2007/5xxx/CVE-2007-5972.json +++ b/2007/5xxx/CVE-2007-5972.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5972", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5972", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071208 MIT Kerberos 5: Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2007/Dec/0176.html" - }, - { - "name" : "20071208 Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2007/Dec/0321.html" - }, - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=199211", - "refsource" : "MISC", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=199211" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-2012", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-2012" - }, - { - "name" : "SUSE-SR:2008:002", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html" - }, - { - "name" : "USN-924-1", - "refsource" : "UBUNTU", - "url" : "http://ubuntu.com/usn/usn-924-1" - }, - { - "name" : "USN-940-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-940-1" - }, - { - "name" : "26750", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26750" - }, - { - "name" : "44747", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/44747" - }, - { - "name" : "28636", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28636" - }, - { - "name" : "39290", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39290" - }, - { - "name" : "39784", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39784" - }, - { - "name" : "ADV-2010-1192", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1192" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Double free vulnerability in the krb5_def_store_mkey function in lib/kdb/kdb_default.c in MIT Kerberos 5 (krb5) 1.5 has unknown impact and remote authenticated attack vectors. NOTE: the free operations occur in code that stores the krb5kdc master key, and so the attacker must have privileges to store this key." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39784", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39784" + }, + { + "name": "USN-940-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-940-1" + }, + { + "name": "SUSE-SR:2008:002", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html" + }, + { + "name": "26750", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26750" + }, + { + "name": "20071208 Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972]", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2007/Dec/0321.html" + }, + { + "name": "ADV-2010-1192", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1192" + }, + { + "name": "44747", + "refsource": "OSVDB", + "url": "http://osvdb.org/44747" + }, + { + "name": "20071208 MIT Kerberos 5: Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2007/Dec/0176.html" + }, + { + "name": "39290", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39290" + }, + { + "name": "USN-924-1", + "refsource": "UBUNTU", + "url": "http://ubuntu.com/usn/usn-924-1" + }, + { + "name": "28636", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28636" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=199211", + "refsource": "MISC", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=199211" + }, + { + "name": "https://issues.rpath.com/browse/RPL-2012", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-2012" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3597.json b/2015/3xxx/CVE-2015-3597.json index a3bf007d77f..ec99586ac7b 100644 --- a/2015/3xxx/CVE-2015-3597.json +++ b/2015/3xxx/CVE-2015-3597.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3597", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3597", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3782.json b/2015/3xxx/CVE-2015-3782.json index 9fb75015dae..030ffaaf7d5 100644 --- a/2015/3xxx/CVE-2015-3782.json +++ b/2015/3xxx/CVE-2015-3782.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3782", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3782", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT205030", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205030" - }, - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-08-13-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" - }, - { - "name" : "76343", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76343" - }, - { - "name" : "1033275", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033275" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CloudKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to access an iCloud user record associated with a previous user's login session via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/kb/HT205030", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205030" + }, + { + "name": "1033275", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033275" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "APPLE-SA-2015-08-13-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00002.html" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "76343", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76343" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3992.json b/2015/3xxx/CVE-2015-3992.json index b26e0efa12e..84bbef8be2b 100644 --- a/2015/3xxx/CVE-2015-3992.json +++ b/2015/3xxx/CVE-2015-3992.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3992", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3992", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6371.json b/2015/6xxx/CVE-2015-6371.json index acd631638a5..6e0acfa7c12 100644 --- a/2015/6xxx/CVE-2015-6371.json +++ b/2015/6xxx/CVE-2015-6371.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6371", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to read arbitrary files via crafted parameters to unspecified scripts, aka Bug ID CSCux10621." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6371", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151117 Cisco Firepower 9000 Arbitrary File Read Access Script Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151117-firepower1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to read arbitrary files via crafted parameters to unspecified scripts, aka Bug ID CSCux10621." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20151117 Cisco Firepower 9000 Arbitrary File Read Access Script Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151117-firepower1" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7034.json b/2015/7xxx/CVE-2015-7034.json index db769245fc9..698c2c4aa89 100644 --- a/2015/7xxx/CVE-2015-7034.json +++ b/2015/7xxx/CVE-2015-7034.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7034", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Apple iWork application before 2.6 for iOS and Apple Pages before 5.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Pages document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7034", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205373", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205373" - }, - { - "name" : "APPLE-SA-2015-10-15-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00000.html" - }, - { - "name" : "1033821", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033821" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Apple iWork application before 2.6 for iOS and Apple Pages before 5.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Pages document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033821", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033821" + }, + { + "name": "APPLE-SA-2015-10-15-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00000.html" + }, + { + "name": "https://support.apple.com/HT205373", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205373" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7093.json b/2015/7xxx/CVE-2015-7093.json index 20a1556d92c..1ec1305cdd5 100644 --- a/2015/7xxx/CVE-2015-7093.json +++ b/2015/7xxx/CVE-2015-7093.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7093", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Safari in Apple iOS before 9.2 allows remote attackers to spoof a URL in the user interface via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7093", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205635", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205635" - }, - { - "name" : "APPLE-SA-2015-12-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" - }, - { - "name" : "1034348", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Safari in Apple iOS before 9.2 allows remote attackers to spoof a URL in the user interface via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205635", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205635" + }, + { + "name": "1034348", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034348" + }, + { + "name": "APPLE-SA-2015-12-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7306.json b/2015/7xxx/CVE-2015-7306.json index 5561923d6a0..d2bdb266f7e 100644 --- a/2015/7xxx/CVE-2015-7306.json +++ b/2015/7xxx/CVE-2015-7306.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7306", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal does not properly check access permissions, which allows remote authenticated users to access and change settings by leveraging the \"access administration pages\" permission." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7306", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2569599", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2569599" - }, - { - "name" : "https://www.drupal.org/node/2569111", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2569111" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The CMS Updater module 7.x-1.x before 7.x-1.3 for Drupal does not properly check access permissions, which allows remote authenticated users to access and change settings by leveraging the \"access administration pages\" permission." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2569599", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2569599" + }, + { + "name": "https://www.drupal.org/node/2569111", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2569111" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7579.json b/2015/7xxx/CVE-2015-7579.json index f428e359ce3..c26efefa7df 100644 --- a/2015/7xxx/CVE-2015-7579.json +++ b/2015/7xxx/CVE-2015-7579.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7579", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem 1.0.2 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via an HTML entity that is mishandled by the Rails::Html::FullSanitizer class." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-7579", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160125 [CVE-2015-7579] XSS vulnerability in rails-html-sanitizer", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/25/12" - }, - { - "name" : "[ruby-security-ann] 20160125 [CVE-2015-7579] XSS vulnerability in rails-html-sanitizer", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/OU9ugTZcbjc/uksRkSxZEgAJ" - }, - { - "name" : "https://github.com/rails/rails-html-sanitizer/commit/49dfc1584c5b8e35a4ffabf8356ba3df025e8d3f", - "refsource" : "CONFIRM", - "url" : "https://github.com/rails/rails-html-sanitizer/commit/49dfc1584c5b8e35a4ffabf8356ba3df025e8d3f" - }, - { - "name" : "FEDORA-2016-3a2606f993", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178046.html" - }, - { - "name" : "FEDORA-2016-59ce8b61dd", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178064.html" - }, - { - "name" : "SUSE-SU-2016:1146", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html" - }, - { - "name" : "SUSE-SU-2016:0391", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00024.html" - }, - { - "name" : "openSUSE-SU-2016:0356", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00014.html" - }, - { - "name" : "1034816", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034816" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem 1.0.2 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via an HTML entity that is mishandled by the Rails::Html::FullSanitizer class." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/rails/rails-html-sanitizer/commit/49dfc1584c5b8e35a4ffabf8356ba3df025e8d3f", + "refsource": "CONFIRM", + "url": "https://github.com/rails/rails-html-sanitizer/commit/49dfc1584c5b8e35a4ffabf8356ba3df025e8d3f" + }, + { + "name": "[ruby-security-ann] 20160125 [CVE-2015-7579] XSS vulnerability in rails-html-sanitizer", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/OU9ugTZcbjc/uksRkSxZEgAJ" + }, + { + "name": "FEDORA-2016-3a2606f993", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178046.html" + }, + { + "name": "SUSE-SU-2016:1146", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html" + }, + { + "name": "1034816", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034816" + }, + { + "name": "[oss-security] 20160125 [CVE-2015-7579] XSS vulnerability in rails-html-sanitizer", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/25/12" + }, + { + "name": "FEDORA-2016-59ce8b61dd", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178064.html" + }, + { + "name": "SUSE-SU-2016:0391", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00024.html" + }, + { + "name": "openSUSE-SU-2016:0356", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00014.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7885.json b/2015/7xxx/CVE-2015-7885.json index fb772b7fb58..635c7fd34bc 100644 --- a/2015/7xxx/CVE-2015-7885.json +++ b/2015/7xxx/CVE-2015-7885.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7885", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7885", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151021 Re: CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/10/21/8" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4b6184336ebb5c8dc1eae7f7ab46ee608a748b05", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4b6184336ebb5c8dc1eae7f7ab46ee608a748b05" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274728", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274728" - }, - { - "name" : "https://github.com/torvalds/linux/commit/4b6184336ebb5c8dc1eae7f7ab46ee608a748b05", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/4b6184336ebb5c8dc1eae7f7ab46ee608a748b05" - }, - { - "name" : "USN-2841-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2841-1" - }, - { - "name" : "USN-2841-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2841-2" - }, - { - "name" : "USN-2842-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2842-1" - }, - { - "name" : "USN-2842-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2842-2" - }, - { - "name" : "USN-2843-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2843-1" - }, - { - "name" : "USN-2843-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2843-2" - }, - { - "name" : "USN-2843-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2843-3" - }, - { - "name" : "USN-2844-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2844-1" - }, - { - "name" : "77317", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77317" - }, - { - "name" : "1034896", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034896" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2841-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2841-2" + }, + { + "name": "77317", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77317" + }, + { + "name": "USN-2843-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2843-1" + }, + { + "name": "USN-2844-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2844-1" + }, + { + "name": "USN-2842-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2842-2" + }, + { + "name": "USN-2843-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2843-2" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4b6184336ebb5c8dc1eae7f7ab46ee608a748b05", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4b6184336ebb5c8dc1eae7f7ab46ee608a748b05" + }, + { + "name": "USN-2842-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2842-1" + }, + { + "name": "[oss-security] 20151021 Re: CVE Request: Linux Kernel ioctl infoleaks on vivid-osd and dgnc", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/10/21/8" + }, + { + "name": "1034896", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034896" + }, + { + "name": "https://github.com/torvalds/linux/commit/4b6184336ebb5c8dc1eae7f7ab46ee608a748b05", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/4b6184336ebb5c8dc1eae7f7ab46ee608a748b05" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274728", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274728" + }, + { + "name": "USN-2841-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2841-1" + }, + { + "name": "USN-2843-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2843-3" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7930.json b/2015/7xxx/CVE-2015-7930.json index bb45ae94618..344655222c1 100644 --- a/2015/7xxx/CVE-2015-7930.json +++ b/2015/7xxx/CVE-2015-7930.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7930", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded credentials, which allows remote attackers to obtain administrative access via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-7930", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-349-01", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-349-01" - }, - { - "name" : "79345", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79345" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adcon Telemetry A840 Telemetry Gateway Base Station has hardcoded credentials, which allows remote attackers to obtain administrative access via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-349-01", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-349-01" + }, + { + "name": "79345", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79345" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8207.json b/2015/8xxx/CVE-2015-8207.json index d8c8845de0b..43f99eb4b06 100644 --- a/2015/8xxx/CVE-2015-8207.json +++ b/2015/8xxx/CVE-2015-8207.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8207", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8207", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8240.json b/2015/8xxx/CVE-2015-8240.json index 42ee5170ce2..915b52e0ad5 100644 --- a/2015/8xxx/CVE-2015-8240.json +++ b/2015/8xxx/CVE-2015-8240.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8240", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8240", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.html", - "refsource" : "CONFIRM", - "url" : "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.html" - }, - { - "name" : "1035367", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035367" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and BIG-IP PEM before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.0 HF6 and BIG-IP PSM before 11.4.1 HF10 does not properly handle TCP options, which allows remote attackers to cause a denial of service via unspecified vectors, related to the tm.minpathmtu database variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.html", + "refsource": "CONFIRM", + "url": "https://support.f5.com/kb/en-us/solutions/public/k/06/sol06223540.html" + }, + { + "name": "1035367", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035367" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8484.json b/2015/8xxx/CVE-2015-8484.json index e2159ae04e8..ee11c488765 100644 --- a/2015/8xxx/CVE-2015-8484.json +++ b/2015/8xxx/CVE-2015-8484.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8484", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-viewing restrictions via unspecified vectors, a different vulnerability than CVE-2015-8485, CVE-2015-8486, and CVE-2016-1152." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-8484", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://cs.cybozu.co.jp/2016/006110.html", - "refsource" : "CONFIRM", - "url" : "https://cs.cybozu.co.jp/2016/006110.html" - }, - { - "name" : "JVN#48720230", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN48720230/index.html" - }, - { - "name" : "JVNDB-2016-000023", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000023" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-viewing restrictions via unspecified vectors, a different vulnerability than CVE-2015-8485, CVE-2015-8486, and CVE-2016-1152." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://cs.cybozu.co.jp/2016/006110.html", + "refsource": "CONFIRM", + "url": "https://cs.cybozu.co.jp/2016/006110.html" + }, + { + "name": "JVNDB-2016-000023", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000023" + }, + { + "name": "JVN#48720230", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN48720230/index.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8772.json b/2015/8xxx/CVE-2015-8772.json index 1133fede1f6..0bd1340ab77 100644 --- a/2015/8xxx/CVE-2015-8772.json +++ b/2015/8xxx/CVE-2015-8772.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8772", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a large VERIFY_INFORMATION.Length value in an IOCTL_DISK_VERIFY ioctl call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8772", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160127 McAfee File Lock Driver - Kernel Memory Leak", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Jan/90" - }, - { - "name" : "https://www.nettitude.co.uk/mcafee-file-lock-driver-kernel-memory-leak/", - "refsource" : "MISC", - "url" : "https://www.nettitude.co.uk/mcafee-file-lock-driver-kernel-memory-leak/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a large VERIFY_INFORMATION.Length value in an IOCTL_DISK_VERIFY ioctl call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160127 McAfee File Lock Driver - Kernel Memory Leak", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Jan/90" + }, + { + "name": "https://www.nettitude.co.uk/mcafee-file-lock-driver-kernel-memory-leak/", + "refsource": "MISC", + "url": "https://www.nettitude.co.uk/mcafee-file-lock-driver-kernel-memory-leak/" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8936.json b/2015/8xxx/CVE-2015-8936.json index 62fc8c41cbe..2bd720edcef 100644 --- a/2015/8xxx/CVE-2015-8936.json +++ b/2015/8xxx/CVE-2015-8936.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8936", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in squidGuard.cgi in squidGuard before 1.5 allows remote attackers to inject arbitrary web script or HTML via a blocked site link." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "ID": "CVE-2015-8936", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160620 CVE Request: 2015 squidguard reflected XSS", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/20/2" - }, - { - "name" : "[oss-security] 20160620 RE: CVE Request: 2015 squidguard reflected XSS", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/20/6" - }, - { - "name" : "http://www.squidguard.org/Downloads/CHANGELOG", - "refsource" : "CONFIRM", - "url" : "http://www.squidguard.org/Downloads/CHANGELOG" - }, - { - "name" : "http://www.squidguard.org/Downloads/Patches/1.4/Readme.Patch-20150201", - "refsource" : "CONFIRM", - "url" : "http://www.squidguard.org/Downloads/Patches/1.4/Readme.Patch-20150201" - }, - { - "name" : "91305", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91305" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in squidGuard.cgi in squidGuard before 1.5 allows remote attackers to inject arbitrary web script or HTML via a blocked site link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160620 RE: CVE Request: 2015 squidguard reflected XSS", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/20/6" + }, + { + "name": "http://www.squidguard.org/Downloads/CHANGELOG", + "refsource": "CONFIRM", + "url": "http://www.squidguard.org/Downloads/CHANGELOG" + }, + { + "name": "[oss-security] 20160620 CVE Request: 2015 squidguard reflected XSS", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/20/2" + }, + { + "name": "91305", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91305" + }, + { + "name": "http://www.squidguard.org/Downloads/Patches/1.4/Readme.Patch-20150201", + "refsource": "CONFIRM", + "url": "http://www.squidguard.org/Downloads/Patches/1.4/Readme.Patch-20150201" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0551.json b/2016/0xxx/CVE-2016-0551.json index 452892db67b..28fd5d11122 100644 --- a/2016/0xxx/CVE-2016-0551.json +++ b/2016/0xxx/CVE-2016-0551.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0551", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-0545, CVE-2016-0552, CVE-2016-0559, and CVE-2016-0560." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0551", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Customer Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2016-0545, CVE-2016-0552, CVE-2016-0559, and CVE-2016-0560." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0625.json b/2016/0xxx/CVE-2016-0625.json index 8115ab70fb9..d013f7c7da5 100644 --- a/2016/0xxx/CVE-2016-0625.json +++ b/2016/0xxx/CVE-2016-0625.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0625", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0625", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0653.json b/2016/0xxx/CVE-2016-0653.json index ae6f302b8c4..8e4caab2700 100644 --- a/2016/0xxx/CVE-2016-0653.json +++ b/2016/0xxx/CVE-2016-0653.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0653", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to FTS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0653", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" - }, - { - "name" : "1035606", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035606" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.7.10 and earlier allows local users to affect availability via vectors related to FTS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035606", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035606" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1525.json b/2016/1xxx/CVE-2016-1525.json index 5b204908a2a..43aa95e13c4 100644 --- a/2016/1xxx/CVE-2016-1525.json +++ b/2016/1xxx/CVE-2016-1525.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1525", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-1525", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160204 [CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537446/100/0/threaded" - }, - { - "name" : "39515", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39515/" - }, - { - "name" : "39412", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39412/" - }, - { - "name" : "20160204 [CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Feb/30" - }, - { - "name" : "http://packetstormsecurity.com/files/135999/NETGEAR-ProSafe-Network-Management-System-300-Arbitrary-File-Upload.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135999/NETGEAR-ProSafe-Network-Management-System-300-Arbitrary-File-Upload.html" - }, - { - "name" : "http://www.rapid7.com/db/modules/exploit/windows/http/netgear_nms_rce", - "refsource" : "MISC", - "url" : "http://www.rapid7.com/db/modules/exploit/windows/http/netgear_nms_rce" - }, - { - "name" : "http://packetstormsecurity.com/files/135618/Netgear-Pro-NMS-300-Code-Execution-File-Download.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135618/Netgear-Pro-NMS-300-Code-Execution-File-Download.html" - }, - { - "name" : "VU#777024", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/777024" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. (dot dot) in the realName parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.rapid7.com/db/modules/exploit/windows/http/netgear_nms_rce", + "refsource": "MISC", + "url": "http://www.rapid7.com/db/modules/exploit/windows/http/netgear_nms_rce" + }, + { + "name": "20160204 [CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537446/100/0/threaded" + }, + { + "name": "20160204 [CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Feb/30" + }, + { + "name": "39515", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39515/" + }, + { + "name": "http://packetstormsecurity.com/files/135618/Netgear-Pro-NMS-300-Code-Execution-File-Download.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135618/Netgear-Pro-NMS-300-Code-Execution-File-Download.html" + }, + { + "name": "http://packetstormsecurity.com/files/135999/NETGEAR-ProSafe-Network-Management-System-300-Arbitrary-File-Upload.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135999/NETGEAR-ProSafe-Network-Management-System-300-Arbitrary-File-Upload.html" + }, + { + "name": "39412", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39412/" + }, + { + "name": "VU#777024", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/777024" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1569.json b/2016/1xxx/CVE-2016-1569.json index 3db44f6b87d..aecac7dee87 100644 --- a/2016/1xxx/CVE-2016-1569.json +++ b/2016/1xxx/CVE-2016-1569.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1569", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-1569", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160110 CVE Request: FireBird RDBMS: authenticated clients crash FireBird when running gbak with invalid parameter", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/10/2" - }, - { - "name" : "[oss-security] 20160110 Re: CVE Request: FireBird RDBMS: authenticated clients crash FireBird when running gbak with invalid parameter", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/10/3" - }, - { - "name" : "http://sourceforge.net/p/firebird/code/62783/", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/p/firebird/code/62783/" - }, - { - "name" : "http://tracker.firebirdsql.org/browse/CORE-5068", - "refsource" : "CONFIRM", - "url" : "http://tracker.firebirdsql.org/browse/CORE-5068" - }, - { - "name" : "FEDORA-2016-bec6b9c395", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177119.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20160110 CVE Request: FireBird RDBMS: authenticated clients crash FireBird when running gbak with invalid parameter", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/10/2" + }, + { + "name": "[oss-security] 20160110 Re: CVE Request: FireBird RDBMS: authenticated clients crash FireBird when running gbak with invalid parameter", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/10/3" + }, + { + "name": "http://tracker.firebirdsql.org/browse/CORE-5068", + "refsource": "CONFIRM", + "url": "http://tracker.firebirdsql.org/browse/CORE-5068" + }, + { + "name": "http://sourceforge.net/p/firebird/code/62783/", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/p/firebird/code/62783/" + }, + { + "name": "FEDORA-2016-bec6b9c395", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177119.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5208.json b/2016/5xxx/CVE-2016-5208.json index e6d97cc063a..efb40db85ff 100644 --- a/2016/5xxx/CVE-2016-5208.json +++ b/2016/5xxx/CVE-2016-5208.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-5208", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Google Chrome prior to 55.0.2883.75 for Linux and Windows, and 55.0.2883.84 for Android", - "version" : { - "version_data" : [ - { - "version_value" : "Google Chrome prior to 55.0.2883.75 for Linux and Windows, and 55.0.2883.84 for Android" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Blink in Google Chrome prior to 55.0.2883.75 for Linux and Windows, and 55.0.2883.84 for Android allowed possible corruption of the DOM tree during synchronous event handling, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "object corruption" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5208", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Google Chrome prior to 55.0.2883.75 for Linux and Windows, and 55.0.2883.84 for Android", + "version": { + "version_data": [ + { + "version_value": "Google Chrome prior to 55.0.2883.75 for Linux and Windows, and 55.0.2883.84 for Android" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html" - }, - { - "name" : "https://crbug.com/658535", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/658535" - }, - { - "name" : "GLSA-201612-11", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-11" - }, - { - "name" : "RHSA-2016:2919", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2919.html" - }, - { - "name" : "94633", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94633" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Blink in Google Chrome prior to 55.0.2883.75 for Linux and Windows, and 55.0.2883.84 for Android allowed possible corruption of the DOM tree during synchronous event handling, which allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "object corruption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:2919", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2919.html" + }, + { + "name": "94633", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94633" + }, + { + "name": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2016/12/stable-channel-update-for-desktop.html" + }, + { + "name": "https://crbug.com/658535", + "refsource": "CONFIRM", + "url": "https://crbug.com/658535" + }, + { + "name": "GLSA-201612-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-11" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5396.json b/2016/5xxx/CVE-2016-5396.json index 3d7c3d60bf3..e4231ea8551 100644 --- a/2016/5xxx/CVE-2016-5396.json +++ b/2016/5xxx/CVE-2016-5396.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@apache.org", - "ID" : "CVE-2016-5396", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Apache Traffic Server", - "version" : { - "version_data" : [ - { - "version_value" : "6.0.0 to 6.2.0" - } - ] - } - } - ] - }, - "vendor_name" : "Apache Software Foundation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "DoS attack" - } + "CVE_data_meta": { + "ASSIGNER": "security@apache.org", + "ID": "CVE-2016-5396", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Apache Traffic Server", + "version": { + "version_data": [ + { + "version_value": "6.0.0 to 6.2.0" + } + ] + } + } + ] + }, + "vendor_name": "Apache Software Foundation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://issues.apache.org/jira/browse/TS-5019", - "refsource" : "CONFIRM", - "url" : "https://issues.apache.org/jira/browse/TS-5019" - }, - { - "name" : "97945", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/97945" - }, - { - "name" : "1038275", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038275" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apache Traffic Server 6.0.0 to 6.2.0 are affected by an HPACK Bomb Attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "DoS attack" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://issues.apache.org/jira/browse/TS-5019", + "refsource": "CONFIRM", + "url": "https://issues.apache.org/jira/browse/TS-5019" + }, + { + "name": "97945", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/97945" + }, + { + "name": "1038275", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038275" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5644.json b/2016/5xxx/CVE-2016-5644.json index 66960ab5091..166fb088597 100644 --- a/2016/5xxx/CVE-2016-5644.json +++ b/2016/5xxx/CVE-2016-5644.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5644", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5644", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5710.json b/2016/5xxx/CVE-2016-5710.json index ce91154efb0..c200a4c3d74 100644 --- a/2016/5xxx/CVE-2016-5710.json +++ b/2016/5xxx/CVE-2016-5710.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5710", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5710", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5848.json b/2016/5xxx/CVE-2016-5848.json index 5ca13235b5f..50a47bf1946 100644 --- a/2016/5xxx/CVE-2016-5848.json +++ b/2016/5xxx/CVE-2016-5848.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5848", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Siemens SICAM PAS before 8.07 does not properly restrict password data in the database, which makes it easier for local users to calculate passwords by leveraging unspecified database privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5848", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-182-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-182-02" - }, - { - "name" : "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-444217.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-444217.pdf" - }, - { - "name" : "91525", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91525" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Siemens SICAM PAS before 8.07 does not properly restrict password data in the database, which makes it easier for local users to calculate passwords by leveraging unspecified database privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-182-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-182-02" + }, + { + "name": "91525", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91525" + }, + { + "name": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-444217.pdf", + "refsource": "CONFIRM", + "url": "http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa-444217.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2110.json b/2018/2xxx/CVE-2018-2110.json index d1a1dd8f577..907ef845be9 100644 --- a/2018/2xxx/CVE-2018-2110.json +++ b/2018/2xxx/CVE-2018-2110.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2110", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2110", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0311.json b/2019/0xxx/CVE-2019-0311.json index f744e67fc79..16a308049b4 100644 --- a/2019/0xxx/CVE-2019-0311.json +++ b/2019/0xxx/CVE-2019-0311.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0311", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0311", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0513.json b/2019/0xxx/CVE-2019-0513.json index f1a5029d331..bc0ea35c91a 100644 --- a/2019/0xxx/CVE-2019-0513.json +++ b/2019/0xxx/CVE-2019-0513.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0513", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0513", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0668.json b/2019/0xxx/CVE-2019-0668.json index a22fea09fba..7be401a20f2 100644 --- a/2019/0xxx/CVE-2019-0668.json +++ b/2019/0xxx/CVE-2019-0668.json @@ -1,70 +1,70 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0668", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft SharePoint Enterprise Server", - "version" : { - "version_data" : [ - { - "version_value" : "2016" - }, - { - "version_value" : "2013 Service Pack 1" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of Privilege" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0668", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft SharePoint Enterprise Server", + "version": { + "version_data": [ + { + "version_value": "2016" + }, + { + "version_value": "2013 Service Pack 1" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0668", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0668" - }, - { - "name" : "106894", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0668", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0668" + }, + { + "name": "106894", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106894" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0735.json b/2019/0xxx/CVE-2019-0735.json index 63f9a039443..39e6b910340 100644 --- a/2019/0xxx/CVE-2019-0735.json +++ b/2019/0xxx/CVE-2019-0735.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0735", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0735", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0854.json b/2019/0xxx/CVE-2019-0854.json index 3daf34f732e..e80c25dc345 100644 --- a/2019/0xxx/CVE-2019-0854.json +++ b/2019/0xxx/CVE-2019-0854.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0854", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0854", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1002.json b/2019/1xxx/CVE-2019-1002.json index 03457679165..b36eca49567 100644 --- a/2019/1xxx/CVE-2019-1002.json +++ b/2019/1xxx/CVE-2019-1002.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1002", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1002", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1282.json b/2019/1xxx/CVE-2019-1282.json index 66b75aa30cd..10cc099d14b 100644 --- a/2019/1xxx/CVE-2019-1282.json +++ b/2019/1xxx/CVE-2019-1282.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1282", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1282", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1542.json b/2019/1xxx/CVE-2019-1542.json index 53bb2c399de..33009dbc1e1 100644 --- a/2019/1xxx/CVE-2019-1542.json +++ b/2019/1xxx/CVE-2019-1542.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1542", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1542", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1771.json b/2019/1xxx/CVE-2019-1771.json index 2aea6a8e052..1b9b033aa11 100644 --- a/2019/1xxx/CVE-2019-1771.json +++ b/2019/1xxx/CVE-2019-1771.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1771", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1771", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1964.json b/2019/1xxx/CVE-2019-1964.json index da3a5b9e030..f793fded64d 100644 --- a/2019/1xxx/CVE-2019-1964.json +++ b/2019/1xxx/CVE-2019-1964.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1964", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1964", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4107.json b/2019/4xxx/CVE-2019-4107.json index ba59659c846..bba02b29c97 100644 --- a/2019/4xxx/CVE-2019-4107.json +++ b/2019/4xxx/CVE-2019-4107.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4107", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4107", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4273.json b/2019/4xxx/CVE-2019-4273.json index 4d4a1c49298..00b2c9fefb6 100644 --- a/2019/4xxx/CVE-2019-4273.json +++ b/2019/4xxx/CVE-2019-4273.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4273", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4273", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4318.json b/2019/4xxx/CVE-2019-4318.json index 4b92c5d4928..896510692bb 100644 --- a/2019/4xxx/CVE-2019-4318.json +++ b/2019/4xxx/CVE-2019-4318.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4318", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4318", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4754.json b/2019/4xxx/CVE-2019-4754.json index a069723ff1c..336da3657e4 100644 --- a/2019/4xxx/CVE-2019-4754.json +++ b/2019/4xxx/CVE-2019-4754.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4754", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4754", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5703.json b/2019/5xxx/CVE-2019-5703.json index 8ba7dbea790..4e43e01d09a 100644 --- a/2019/5xxx/CVE-2019-5703.json +++ b/2019/5xxx/CVE-2019-5703.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5703", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5703", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5717.json b/2019/5xxx/CVE-2019-5717.json index 614113c762b..b51d2aa3155 100644 --- a/2019/5xxx/CVE-2019-5717.json +++ b/2019/5xxx/CVE-2019-5717.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5717", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5717", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190128 [SECURITY] [DLA 1645-1] wireshark security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/01/msg00022.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15337", - "refsource" : "MISC", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15337" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bf9272a92f3df1e4ccfaad434e123222ae5313f7", - "refsource" : "MISC", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bf9272a92f3df1e4ccfaad434e123222ae5313f7" - }, - { - "name" : "https://www.wireshark.org/security/wnpa-sec-2019-02.html", - "refsource" : "MISC", - "url" : "https://www.wireshark.org/security/wnpa-sec-2019-02.html" - }, - { - "name" : "106482", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106482" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector could crash. This was addressed in epan/dissectors/packet-p_mul.c by rejecting the invalid sequence number of zero." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15337", + "refsource": "MISC", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15337" + }, + { + "name": "https://www.wireshark.org/security/wnpa-sec-2019-02.html", + "refsource": "MISC", + "url": "https://www.wireshark.org/security/wnpa-sec-2019-02.html" + }, + { + "name": "[debian-lts-announce] 20190128 [SECURITY] [DLA 1645-1] wireshark security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00022.html" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bf9272a92f3df1e4ccfaad434e123222ae5313f7", + "refsource": "MISC", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bf9272a92f3df1e4ccfaad434e123222ae5313f7" + }, + { + "name": "106482", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106482" + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5834.json b/2019/5xxx/CVE-2019-5834.json index 614dcfc7ff1..610d4b3654d 100644 --- a/2019/5xxx/CVE-2019-5834.json +++ b/2019/5xxx/CVE-2019-5834.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5834", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5834", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8082.json b/2019/8xxx/CVE-2019-8082.json index d9cfd01ffdb..c9c5f4f9445 100644 --- a/2019/8xxx/CVE-2019-8082.json +++ b/2019/8xxx/CVE-2019-8082.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8082", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8082", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8436.json b/2019/8xxx/CVE-2019-8436.json index 0a6e7abb106..551626b5c0c 100644 --- a/2019/8xxx/CVE-2019-8436.json +++ b/2019/8xxx/CVE-2019-8436.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8436", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8436", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/peacexie/imcat/issues/1", - "refsource" : "MISC", - "url" : "https://github.com/peacexie/imcat/issues/1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/peacexie/imcat/issues/1", + "refsource": "MISC", + "url": "https://github.com/peacexie/imcat/issues/1" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9078.json b/2019/9xxx/CVE-2019-9078.json index 957b96608c1..b8382f58b32 100644 --- a/2019/9xxx/CVE-2019-9078.json +++ b/2019/9xxx/CVE-2019-9078.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9078", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter because inc/stopsqlin.php does not block a mixed-case string such as sCrIpT." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9078", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/NS-Sp4ce/ZZCMS-XSS/blob/master/xss.md", - "refsource" : "MISC", - "url" : "https://github.com/NS-Sp4ce/ZZCMS-XSS/blob/master/xss.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter because inc/stopsqlin.php does not block a mixed-case string such as sCrIpT." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/NS-Sp4ce/ZZCMS-XSS/blob/master/xss.md", + "refsource": "MISC", + "url": "https://github.com/NS-Sp4ce/ZZCMS-XSS/blob/master/xss.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9232.json b/2019/9xxx/CVE-2019-9232.json index a034b5fdaf1..186df8b96d8 100644 --- a/2019/9xxx/CVE-2019-9232.json +++ b/2019/9xxx/CVE-2019-9232.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9232", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9232", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file