diff --git a/2007/0xxx/CVE-2007-0211.json b/2007/0xxx/CVE-2007-0211.json index 4738be18389..8edb819186b 100644 --- a/2007/0xxx/CVE-2007-0211.json +++ b/2007/0xxx/CVE-2007-0211.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0211", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the \"detection and registration of new hardware.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-0211", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS07-006", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-006" - }, - { - "name" : "TA07-044A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-044A.html" - }, - { - "name" : "VU#240796", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/240796" - }, - { - "name" : "22481", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22481" - }, - { - "name" : "ADV-2007-0575", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0575" - }, - { - "name" : "31890", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/31890" - }, - { - "name" : "oval:org.mitre.oval:def:224", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A224" - }, - { - "name" : "1017633", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017633" - }, - { - "name" : "24126", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24126" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the \"detection and registration of new hardware.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0575", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0575" + }, + { + "name": "VU#240796", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/240796" + }, + { + "name": "24126", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24126" + }, + { + "name": "1017633", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017633" + }, + { + "name": "TA07-044A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html" + }, + { + "name": "22481", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22481" + }, + { + "name": "oval:org.mitre.oval:def:224", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A224" + }, + { + "name": "MS07-006", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-006" + }, + { + "name": "31890", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/31890" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0455.json b/2007/0xxx/CVE-2007-0455.json index c98d0d04ddf..e814f0631f6 100644 --- a/2007/0xxx/CVE-2007-0455.json +++ b/2007/0xxx/CVE-2007-0455.json @@ -1,232 +1,232 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0455", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0455", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/466166/100/0/threaded" - }, - { - "name" : "[security-announce] 20070208 rPSA-2007-0028-1 gd", - "refsource" : "MLIST", - "url" : "http://lists.rpath.com/pipermail/security-announce/2007-February/000145.html" - }, - { - "name" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607", - "refsource" : "CONFIRM", - "url" : "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1030", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1030" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1268", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1268" - }, - { - "name" : "FEDORA-2007-150", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2631" - }, - { - "name" : "FEDORA-2010-19022", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html" - }, - { - "name" : "FEDORA-2010-19033", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html" - }, - { - "name" : "MDKSA-2007:035", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:035" - }, - { - "name" : "MDKSA-2007:036", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:036" - }, - { - "name" : "MDKSA-2007:038", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:038" - }, - { - "name" : "MDKSA-2007:109", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:109" - }, - { - "name" : "RHSA-2007:0155", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2007-0155.html" - }, - { - "name" : "RHSA-2007:0153", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0153.html" - }, - { - "name" : "RHSA-2007:0162", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0162.html" - }, - { - "name" : "RHSA-2008:0146", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0146.html" - }, - { - "name" : "2007-0007", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0007" - }, - { - "name" : "USN-473-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-473-1" - }, - { - "name" : "22289", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22289" - }, - { - "name" : "oval:org.mitre.oval:def:11303", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11303" - }, - { - "name" : "42813", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/42813" - }, - { - "name" : "ADV-2007-0400", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0400" - }, - { - "name" : "23916", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23916" - }, - { - "name" : "24022", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24022" - }, - { - "name" : "24052", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24052" - }, - { - "name" : "24053", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24053" - }, - { - "name" : "24107", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24107" - }, - { - "name" : "24143", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24143" - }, - { - "name" : "24151", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24151" - }, - { - "name" : "24924", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24924" - }, - { - "name" : "24965", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24965" - }, - { - "name" : "24945", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24945" - }, - { - "name" : "25575", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25575" - }, - { - "name" : "29157", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29157" - }, - { - "name" : "ADV-2011-0022", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2011/0022" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24022", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24022" + }, + { + "name": "29157", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29157" + }, + { + "name": "24107", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24107" + }, + { + "name": "24143", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24143" + }, + { + "name": "22289", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22289" + }, + { + "name": "20070418 rPSA-2007-0073-1 php php-mysql php-pgsql", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/466166/100/0/threaded" + }, + { + "name": "ADV-2007-0400", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0400" + }, + { + "name": "23916", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23916" + }, + { + "name": "24151", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24151" + }, + { + "name": "RHSA-2007:0162", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0162.html" + }, + { + "name": "42813", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/42813" + }, + { + "name": "MDKSA-2007:038", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:038" + }, + { + "name": "MDKSA-2007:035", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:035" + }, + { + "name": "ADV-2011-0022", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2011/0022" + }, + { + "name": "oval:org.mitre.oval:def:11303", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11303" + }, + { + "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607", + "refsource": "CONFIRM", + "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=224607" + }, + { + "name": "[security-announce] 20070208 rPSA-2007-0028-1 gd", + "refsource": "MLIST", + "url": "http://lists.rpath.com/pipermail/security-announce/2007-February/000145.html" + }, + { + "name": "FEDORA-2010-19033", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html" + }, + { + "name": "24945", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24945" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1268", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1268" + }, + { + "name": "MDKSA-2007:109", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:109" + }, + { + "name": "RHSA-2008:0146", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0146.html" + }, + { + "name": "2007-0007", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0007" + }, + { + "name": "24053", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24053" + }, + { + "name": "24924", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24924" + }, + { + "name": "24052", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24052" + }, + { + "name": "FEDORA-2010-19022", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html" + }, + { + "name": "RHSA-2007:0155", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2007-0155.html" + }, + { + "name": "24965", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24965" + }, + { + "name": "MDKSA-2007:036", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:036" + }, + { + "name": "25575", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25575" + }, + { + "name": "FEDORA-2007-150", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2631" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1030", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1030" + }, + { + "name": "USN-473-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-473-1" + }, + { + "name": "RHSA-2007:0153", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0153.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0502.json b/2007/0xxx/CVE-2007-0502.json index 7a5e69e8cff..f05f02230a4 100644 --- a/2007/0xxx/CVE-2007-0502.json +++ b/2007/0xxx/CVE-2007-0502.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0502", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows remote attackers to execute arbitrary SQL commands via the picID parameter, a different vector than CVE-2007-0492." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0502", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3172", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3172" - }, - { - "name" : "22149", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22149" - }, - { - "name" : "ADV-2007-0270", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0270" - }, - { - "name" : "36798", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36798" - }, - { - "name" : "webspell-gallery-sql-injection(31632)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31632" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in gallery.php in webSPELL 4.01.02 allows remote attackers to execute arbitrary SQL commands via the picID parameter, a different vector than CVE-2007-0492." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3172", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3172" + }, + { + "name": "webspell-gallery-sql-injection(31632)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31632" + }, + { + "name": "ADV-2007-0270", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0270" + }, + { + "name": "36798", + "refsource": "OSVDB", + "url": "http://osvdb.org/36798" + }, + { + "name": "22149", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22149" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0645.json b/2007/0xxx/CVE-2007-0645.json index defaedd1a76..e1cb9004389 100644 --- a/2007/0xxx/CVE-2007-0645.json +++ b/2007/0xxx/CVE-2007-0645.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0645", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0645", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.digitalmunition.com/MOAB-30-01-2007.html", - "refsource" : "MISC", - "url" : "http://www.digitalmunition.com/MOAB-30-01-2007.html" - }, - { - "name" : "http://projects.info-pull.com/moab/MOAB-30-01-2007.html", - "refsource" : "MISC", - "url" : "http://projects.info-pull.com/moab/MOAB-30-01-2007.html" - }, - { - "name" : "22326", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22326" - }, - { - "name" : "32711", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32711" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in iPhoto 6.0.5 allows remote user-assisted attackers to cause a denial of service (crash) via format string specifiers in a filename, which is not properly handled when calling certain Apple AppKit functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://projects.info-pull.com/moab/MOAB-30-01-2007.html", + "refsource": "MISC", + "url": "http://projects.info-pull.com/moab/MOAB-30-01-2007.html" + }, + { + "name": "22326", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22326" + }, + { + "name": "32711", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32711" + }, + { + "name": "http://www.digitalmunition.com/MOAB-30-01-2007.html", + "refsource": "MISC", + "url": "http://www.digitalmunition.com/MOAB-30-01-2007.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1184.json b/2007/1xxx/CVE-2007-1184.json index d80cceb465b..3624cf21ebd 100644 --- a/2007/1xxx/CVE-2007-1184.json +++ b/2007/1xxx/CVE-2007-1184.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1184", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA setting of \"no,\" which makes it easier for automated programs to submit false data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1184", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250", - "refsource" : "CONFIRM", - "url" : "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250" - }, - { - "name" : "22563", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22563" - }, - { - "name" : "ADV-2007-0604", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0604" - }, - { - "name" : "33294", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33294" - }, - { - "name" : "24080", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24080" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration of WebAPP before 0.9.9.5 has a CAPTCHA setting of \"no,\" which makes it easier for automated programs to submit false data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33294", + "refsource": "OSVDB", + "url": "http://osvdb.org/33294" + }, + { + "name": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250", + "refsource": "CONFIRM", + "url": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250" + }, + { + "name": "ADV-2007-0604", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0604" + }, + { + "name": "24080", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24080" + }, + { + "name": "22563", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22563" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1471.json b/2007/1xxx/CVE-2007-1471.json index 806722268e6..9c97bb57e0f 100644 --- a/2007/1xxx/CVE-2007-1471.json +++ b/2007/1xxx/CVE-2007-1471.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1471", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1471", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070315 Orion-Blog v2.0 Version Remote Privilege Escalation Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/462920/100/0/threaded" - }, - { - "name" : "35039", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35039" - }, - { - "name" : "2440", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2440" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070315 Orion-Blog v2.0 Version Remote Privilege Escalation Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/462920/100/0/threaded" + }, + { + "name": "35039", + "refsource": "OSVDB", + "url": "http://osvdb.org/35039" + }, + { + "name": "2440", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2440" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1771.json b/2007/1xxx/CVE-2007-1771.json index 2d541d984a1..47a34beca57 100644 --- a/2007/1xxx/CVE-2007-1771.json +++ b/2007/1xxx/CVE-2007-1771.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1771", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in manage/javascript/formjavascript.php in Ay System Solutions Web Content System (WCS) 2.7.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[JavascriptEdit] parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1771", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3592", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3592" - }, - { - "name" : "23171", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23171" - }, - { - "name" : "ADV-2007-1139", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1139" - }, - { - "name" : "34500", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34500" - }, - { - "name" : "24663", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24663" - }, - { - "name" : "wcs-formjavascript-file-include(33281)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in manage/javascript/formjavascript.php in Ay System Solutions Web Content System (WCS) 2.7.1 allows remote attackers to execute arbitrary PHP code via a URL in the path[JavascriptEdit] parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24663", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24663" + }, + { + "name": "34500", + "refsource": "OSVDB", + "url": "http://osvdb.org/34500" + }, + { + "name": "wcs-formjavascript-file-include(33281)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33281" + }, + { + "name": "3592", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3592" + }, + { + "name": "23171", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23171" + }, + { + "name": "ADV-2007-1139", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1139" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4019.json b/2007/4xxx/CVE-2007-4019.json index 90b49db5429..d97caea8c6f 100644 --- a/2007/4xxx/CVE-2007-4019.json +++ b/2007/4xxx/CVE-2007-4019.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4019", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2930. Reason: This candidate is a reservation duplicate of CVE-2007-2930. Notes: All CVE users should reference CVE-2007-2930 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-4019", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2930. Reason: This candidate is a reservation duplicate of CVE-2007-2930. Notes: All CVE users should reference CVE-2007-2930 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5475.json b/2007/5xxx/CVE-2007-5475.json index 49afdfce2c7..f1c31c56049 100644 --- a/2007/5xxx/CVE-2007-5475.json +++ b/2007/5xxx/CVE-2007-5475.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5475", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access point with firmware 1.2.17 on the Marvell 88W8361P-BEM1 chipset, and other products, allow remote 802.11-authenticated users to cause a denial of service (wireless access point crash) and possibly execute arbitrary code via an association request with long (1) rates, (2) extended rates, and unspecified other information elements." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5475", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20091110 Marvell Driver Multiple Information Element Overflows", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/507781/100/0/threaded" - }, - { - "name" : "37345", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37345" - }, - { - "name" : "ADV-2009-3239", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3239" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple buffer overflows in the Marvell wireless driver, as used in Linksys WAP4400N Wi-Fi access point with firmware 1.2.17 on the Marvell 88W8361P-BEM1 chipset, and other products, allow remote 802.11-authenticated users to cause a denial of service (wireless access point crash) and possibly execute arbitrary code via an association request with long (1) rates, (2) extended rates, and unspecified other information elements." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2009-3239", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3239" + }, + { + "name": "20091110 Marvell Driver Multiple Information Element Overflows", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/507781/100/0/threaded" + }, + { + "name": "37345", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37345" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5477.json b/2007/5xxx/CVE-2007-5477.json index 69cb7dde9b6..45ebaf8ee8a 100644 --- a/2007/5xxx/CVE-2007-5477.json +++ b/2007/5xxx/CVE-2007-5477.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5477", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in auth.w in djeyl.net WebMod 0.48 Half-Life Dedicated Server plugin allows remote attackers to inject arbitrary web script or HTML via the redir parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5477", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sla.ckers.org/forum/read.php?3,44,11482#msg-11482", - "refsource" : "MISC", - "url" : "http://sla.ckers.org/forum/read.php?3,44,11482#msg-11482" - }, - { - "name" : "20071016 true: WebMod 0.48 XSS", - "refsource" : "VIM", - "url" : "http://www.attrition.org/pipermail/vim/2007-October/001833.html" - }, - { - "name" : "26087", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26087" - }, - { - "name" : "37833", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37833" - }, - { - "name" : "27245", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27245" - }, - { - "name" : "webmod-auth-xss(37220)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37220" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in auth.w in djeyl.net WebMod 0.48 Half-Life Dedicated Server plugin allows remote attackers to inject arbitrary web script or HTML via the redir parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37833", + "refsource": "OSVDB", + "url": "http://osvdb.org/37833" + }, + { + "name": "http://sla.ckers.org/forum/read.php?3,44,11482#msg-11482", + "refsource": "MISC", + "url": "http://sla.ckers.org/forum/read.php?3,44,11482#msg-11482" + }, + { + "name": "webmod-auth-xss(37220)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37220" + }, + { + "name": "27245", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27245" + }, + { + "name": "20071016 true: WebMod 0.48 XSS", + "refsource": "VIM", + "url": "http://www.attrition.org/pipermail/vim/2007-October/001833.html" + }, + { + "name": "26087", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26087" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5513.json b/2007/5xxx/CVE-2007-5513.json index 7a0c60d2b86..1e50c804765 100644 --- a/2007/5xxx/CVE-2007-5513.json +++ b/2007/5xxx/CVE-2007-5513.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5513", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect audit entries in the USERID column in which (1) long usernames are trimmed to 5 characters, or (2) short entries contain any extra characters from usernames in previous entries, aka DB23." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5513", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071017 Oracle audit issue with XMLDB ftp service", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482426/100/0/threaded" - }, - { - "name" : "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-oracle-xmldb-ftp-service/", - "refsource" : "MISC", - "url" : "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-oracle-xmldb-ftp-service/" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" - }, - { - "name" : "HPSBMA02133", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" - }, - { - "name" : "SSRT061201", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" - }, - { - "name" : "TA07-290A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" - }, - { - "name" : "26107", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26107" - }, - { - "name" : "ADV-2007-3524", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3524" - }, - { - "name" : "ADV-2007-3626", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3626" - }, - { - "name" : "1018823", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018823" - }, - { - "name" : "27251", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27251" - }, - { - "name" : "27409", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27409" - }, - { - "name" : "3247", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3247" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect audit entries in the USERID column in which (1) long usernames are trimmed to 5 characters, or (2) short entries contain any extra characters from usernames in previous entries, aka DB23." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" + }, + { + "name": "26107", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26107" + }, + { + "name": "20071017 Oracle audit issue with XMLDB ftp service", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482426/100/0/threaded" + }, + { + "name": "3247", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3247" + }, + { + "name": "ADV-2007-3524", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3524" + }, + { + "name": "ADV-2007-3626", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3626" + }, + { + "name": "TA07-290A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" + }, + { + "name": "SSRT061201", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2" + }, + { + "name": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-oracle-xmldb-ftp-service/", + "refsource": "MISC", + "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-oracle-xmldb-ftp-service/" + }, + { + "name": "HPSBMA02133", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2" + }, + { + "name": "1018823", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018823" + }, + { + "name": "27409", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27409" + }, + { + "name": "27251", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27251" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5848.json b/2007/5xxx/CVE-2007-5848.json index 5c5581d7bea..c9b3c45b6f1 100644 --- a/2007/5xxx/CVE-2007-5848.json +++ b/2007/5xxx/CVE-2007-5848.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5848", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5848", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080105 rPSA-2008-0008-1 cups", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/485829/100/0/threaded" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307179", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307179" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-2009", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-2009" - }, - { - "name" : "APPLE-SA-2007-12-17", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" - }, - { - "name" : "MDVSA-2008:050", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:050" - }, - { - "name" : "SUSE-SA:2008:002", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html" - }, - { - "name" : "SUSE-SR:2008:002", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html" - }, - { - "name" : "TA07-352A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" - }, - { - "name" : "26910", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26910" - }, - { - "name" : "ADV-2007-4238", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4238" - }, - { - "name" : "28136", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28136" - }, - { - "name" : "28344", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28344" - }, - { - "name" : "28441", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28441" - }, - { - "name" : "28636", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28636" - }, - { - "name" : "macos-cups-bo(39096)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39096" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "28344", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28344" + }, + { + "name": "ADV-2007-4238", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4238" + }, + { + "name": "TA07-352A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html" + }, + { + "name": "SUSE-SR:2008:002", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/suse_security_summary_report.html" + }, + { + "name": "28441", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28441" + }, + { + "name": "28136", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28136" + }, + { + "name": "macos-cups-bo(39096)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39096" + }, + { + "name": "26910", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26910" + }, + { + "name": "SUSE-SA:2008:002", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00003.html" + }, + { + "name": "20080105 rPSA-2008-0008-1 cups", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/485829/100/0/threaded" + }, + { + "name": "APPLE-SA-2007-12-17", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html" + }, + { + "name": "MDVSA-2008:050", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:050" + }, + { + "name": "https://issues.rpath.com/browse/RPL-2009", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-2009" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307179", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307179" + }, + { + "name": "28636", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28636" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2236.json b/2015/2xxx/CVE-2015-2236.json index 0353820f562..c8a28b89f99 100644 --- a/2015/2xxx/CVE-2015-2236.json +++ b/2015/2xxx/CVE-2015-2236.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2236", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2236", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2411.json b/2015/2xxx/CVE-2015-2411.json index 231d0da6843..69259b4e9e4 100644 --- a/2015/2xxx/CVE-2015-2411.json +++ b/2015/2xxx/CVE-2015-2411.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2411", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-1733 and CVE-2015-2389." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2411", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-065", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" - }, - { - "name" : "1032894", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032894" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-1733 and CVE-2015-2389." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032894", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032894" + }, + { + "name": "MS15-065", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-065" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3277.json b/2015/3xxx/CVE-2015-3277.json index 21cd2e4dcc7..f5d89f430cb 100644 --- a/2015/3xxx/CVE-2015-3277.json +++ b/2015/3xxx/CVE-2015-3277.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3277", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mod_nss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3277", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1238324", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1238324" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1243518", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1243518" - }, - { - "name" : "FEDORA-2015-13616", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170607.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mod_nss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2015-13616", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170607.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1243518", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1243518" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1238324", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1238324" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3288.json b/2015/3xxx/CVE-2015-3288.json index a482547aa7e..e343f8b4130 100644 --- a/2015/3xxx/CVE-2015-3288.json +++ b/2015/3xxx/CVE-2015-3288.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3288", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-3288", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1333830", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1333830" - }, - { - "name" : "https://github.com/torvalds/linux/commit/6b7339f4c31ad69c8e9c0b2859276e22cf72176d", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/6b7339f4c31ad69c8e9c0b2859276e22cf72176d" - }, - { - "name" : "https://security-tracker.debian.org/tracker/CVE-2015-3288", - "refsource" : "CONFIRM", - "url" : "https://security-tracker.debian.org/tracker/CVE-2015-3288" - }, - { - "name" : "https://source.android.com/security/bulletin/2017-01-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-01-01.html" - }, - { - "name" : "93591", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93591" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/torvalds/linux/commit/6b7339f4c31ad69c8e9c0b2859276e22cf72176d", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/6b7339f4c31ad69c8e9c0b2859276e22cf72176d" + }, + { + "name": "https://source.android.com/security/bulletin/2017-01-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-01-01.html" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4" + }, + { + "name": "https://security-tracker.debian.org/tracker/CVE-2015-3288", + "refsource": "CONFIRM", + "url": "https://security-tracker.debian.org/tracker/CVE-2015-3288" + }, + { + "name": "93591", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93591" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1333830", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1333830" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3340.json b/2015/3xxx/CVE-2015-3340.json index 35fce678bf9..6d15e73c7f5 100644 --- a/2015/3xxx/CVE-2015-3340.json +++ b/2015/3xxx/CVE-2015-3340.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3340", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3340", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://xenbits.xen.org/xsa/advisory-132.html", - "refsource" : "CONFIRM", - "url" : "http://xenbits.xen.org/xsa/advisory-132.html" - }, - { - "name" : "DSA-3414", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3414" - }, - { - "name" : "FEDORA-2015-6569", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html" - }, - { - "name" : "FEDORA-2015-6583", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html" - }, - { - "name" : "FEDORA-2015-6670", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html" - }, - { - "name" : "GLSA-201604-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-03" - }, - { - "name" : "SUSE-SU-2015:0927", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html" - }, - { - "name" : "openSUSE-SU-2015:0983", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html" - }, - { - "name" : "SUSE-SU-2015:0923", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html" - }, - { - "name" : "74248", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74248" - }, - { - "name" : "1032158", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032158" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Xen 4.2.x through 4.5.x does not initialize certain fields, which allows certain remote service domains to obtain sensitive information from memory via a (1) XEN_DOMCTL_gettscinfo or (2) XEN_SYSCTL_getdomaininfolist request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://xenbits.xen.org/xsa/advisory-132.html", + "refsource": "CONFIRM", + "url": "http://xenbits.xen.org/xsa/advisory-132.html" + }, + { + "name": "FEDORA-2015-6569", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156005.html" + }, + { + "name": "SUSE-SU-2015:0923", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00018.html" + }, + { + "name": "74248", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74248" + }, + { + "name": "1032158", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032158" + }, + { + "name": "DSA-3414", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3414" + }, + { + "name": "FEDORA-2015-6583", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157006.html" + }, + { + "name": "SUSE-SU-2015:0927", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00019.html" + }, + { + "name": "GLSA-201604-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-03" + }, + { + "name": "FEDORA-2015-6670", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-May/156979.html" + }, + { + "name": "openSUSE-SU-2015:0983", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3548.json b/2015/3xxx/CVE-2015-3548.json index 5d04a265ace..d6b5d5dd205 100644 --- a/2015/3xxx/CVE-2015-3548.json +++ b/2015/3xxx/CVE-2015-3548.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3548", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3548", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3770.json b/2015/3xxx/CVE-2015-3770.json index 08dc7e5d0d8..eaaf97132a4 100644 --- a/2015/3xxx/CVE-2015-3770.json +++ b/2015/3xxx/CVE-2015-3770.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3770", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3770", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "76340", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76340" - }, - { - "name" : "1033276", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033276" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "76340", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76340" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "1033276", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033276" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6847.json b/2015/6xxx/CVE-2015-6847.json index 21b48f66e38..8bb9dde16e8 100644 --- a/2015/6xxx/CVE-2015-6847.json +++ b/2015/6xxx/CVE-2015-6847.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6847", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GUI passwords in a log file, which allows local users to obtain sensitive information by reading this file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2015-6847", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151117 ESA-2015-163: EMC VPLEX Sensitive Information Exposure Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/bugtraq/2015/Nov/92" - }, - { - "name" : "http://packetstormsecurity.com/files/134420/EMC-VPLEX-Sensitive-Information-Exposure.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134420/EMC-VPLEX-Sensitive-Information-Exposure.html" - }, - { - "name" : "1034169", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034169" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GUI passwords in a log file, which allows local users to obtain sensitive information by reading this file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034169", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034169" + }, + { + "name": "20151117 ESA-2015-163: EMC VPLEX Sensitive Information Exposure Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/bugtraq/2015/Nov/92" + }, + { + "name": "http://packetstormsecurity.com/files/134420/EMC-VPLEX-Sensitive-Information-Exposure.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134420/EMC-VPLEX-Sensitive-Information-Exposure.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6869.json b/2015/6xxx/CVE-2015-6869.json index 35eeb3705df..a62511b7bc7 100644 --- a/2015/6xxx/CVE-2015-6869.json +++ b/2015/6xxx/CVE-2015-6869.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6869", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6869", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6992.json b/2015/6xxx/CVE-2015-6992.json index ac69570747f..dc800548d88 100644 --- a/2015/6xxx/CVE-2015-6992.json +++ b/2015/6xxx/CVE-2015-6992.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6992", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-7017." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-6992", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205370", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205370" - }, - { - "name" : "https://support.apple.com/HT205372", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205372" - }, - { - "name" : "https://support.apple.com/HT205375", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205375" - }, - { - "name" : "APPLE-SA-2015-10-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" - }, - { - "name" : "APPLE-SA-2015-10-21-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" - }, - { - "name" : "APPLE-SA-2015-10-21-5", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00006.html" - }, - { - "name" : "1033929", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033929" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6975 and CVE-2015-7017." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-10-21-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" + }, + { + "name": "APPLE-SA-2015-10-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" + }, + { + "name": "https://support.apple.com/HT205375", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205375" + }, + { + "name": "https://support.apple.com/HT205370", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205370" + }, + { + "name": "https://support.apple.com/HT205372", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205372" + }, + { + "name": "APPLE-SA-2015-10-21-5", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00006.html" + }, + { + "name": "1033929", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033929" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7107.json b/2015/7xxx/CVE-2015-7107.json index 2d558faa1c9..3f59e160136 100644 --- a/2015/7xxx/CVE-2015-7107.json +++ b/2015/7xxx/CVE-2015-7107.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7107", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7107", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205635", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205635" - }, - { - "name" : "https://support.apple.com/HT205637", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205637" - }, - { - "name" : "APPLE-SA-2015-12-08-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" - }, - { - "name" : "APPLE-SA-2015-12-08-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" - }, - { - "name" : "1034344", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QuickLook in Apple iOS before 9.2 and OS X before 10.11.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted iWork file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205635", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205635" + }, + { + "name": "https://support.apple.com/HT205637", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205637" + }, + { + "name": "1034344", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034344" + }, + { + "name": "APPLE-SA-2015-12-08-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" + }, + { + "name": "APPLE-SA-2015-12-08-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7232.json b/2015/7xxx/CVE-2015-7232.json index 7ad4819623b..7f1fcc0fcb1 100644 --- a/2015/7xxx/CVE-2015-7232.json +++ b/2015/7xxx/CVE-2015-7232.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7232", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in unspecified administration pages in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology module is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7232", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2537860", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2537860" - }, - { - "name" : "https://www.drupal.org/node/2537120", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2537120" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in unspecified administration pages in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology module is enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2537120", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2537120" + }, + { + "name": "https://www.drupal.org/node/2537860", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2537860" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7373.json b/2015/7xxx/CVE-2015-7373.json index 3a6639e36e5..da155039186 100644 --- a/2015/7xxx/CVE-2015-7373.json +++ b/2015/7xxx/CVE-2015-7373.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7373", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the \"magic-macros\" feature in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via a GET parameter, which is not properly handled in a banner." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7373", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151007 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536633/100/0/threaded" - }, - { - "name" : "20151008 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Oct/32" - }, - { - "name" : "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html" - }, - { - "name" : "http://www.revive-adserver.com/security/revive-sa-2015-001", - "refsource" : "CONFIRM", - "url" : "http://www.revive-adserver.com/security/revive-sa-2015-001" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the \"magic-macros\" feature in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via a GET parameter, which is not properly handled in a banner." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.revive-adserver.com/security/revive-sa-2015-001", + "refsource": "CONFIRM", + "url": "http://www.revive-adserver.com/security/revive-sa-2015-001" + }, + { + "name": "20151007 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536633/100/0/threaded" + }, + { + "name": "20151008 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Oct/32" + }, + { + "name": "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7706.json b/2015/7xxx/CVE-2015-7706.json index 37c6a5a90f9..4fe45306b72 100644 --- a/2015/7xxx/CVE-2015-7706.json +++ b/2015/7xxx/CVE-2015-7706.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7706", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to api/v3/public/shares/downloads/, the (2) authType parameter to api/v3/auth/login, or the (3) login parameter to api/v3/auth/reset_password." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7706", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151209 [CVE-2015-7706] SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537069/100/0/threaded" - }, - { - "name" : "20151209 [CVE-2015-7706] SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Dec/36" - }, - { - "name" : "http://packetstormsecurity.com/files/134760/Secure-Data-Space-3.1.1-2-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134760/Secure-Data-Space-3.1.1-2-Cross-Site-Scripting.html" - }, - { - "name" : "https://kb.ssp-europe.eu/pages/viewpage.action?pageId=12059988", - "refsource" : "CONFIRM", - "url" : "https://kb.ssp-europe.eu/pages/viewpage.action?pageId=12059988" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to api/v3/public/shares/downloads/, the (2) authType parameter to api/v3/auth/login, or the (3) login parameter to api/v3/auth/reset_password." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.ssp-europe.eu/pages/viewpage.action?pageId=12059988", + "refsource": "CONFIRM", + "url": "https://kb.ssp-europe.eu/pages/viewpage.action?pageId=12059988" + }, + { + "name": "20151209 [CVE-2015-7706] SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Dec/36" + }, + { + "name": "20151209 [CVE-2015-7706] SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537069/100/0/threaded" + }, + { + "name": "http://packetstormsecurity.com/files/134760/Secure-Data-Space-3.1.1-2-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134760/Secure-Data-Space-3.1.1-2-Cross-Site-Scripting.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8382.json b/2015/8xxx/CVE-2015-8382.json index 2611761a642..f6f098cfb62 100644 --- a/2015/8xxx/CVE-2015-8382.json +++ b/2015/8xxx/CVE-2015-8382.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8382", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (partially initialized memory and application crash) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-2547." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8382", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150804 Re: CVE Request: Information disclosure in pcre", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/08/04/3" - }, - { - "name" : "[oss-security] 20151128 Re: Heap Overflow in PCRE", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/11/29/1" - }, - { - "name" : "http://git.php.net/?p=php-src.git;a=commit;h=c351b47ce85a3a147cfa801fa9f0149ab4160834", - "refsource" : "CONFIRM", - "url" : "http://git.php.net/?p=php-src.git;a=commit;h=c351b47ce85a3a147cfa801fa9f0149ab4160834" - }, - { - "name" : "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", - "refsource" : "CONFIRM", - "url" : "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" - }, - { - "name" : "http://vcs.pcre.org/pcre/code/trunk/pcre_exec.c?r1=1502&r2=1510", - "refsource" : "CONFIRM", - "url" : "http://vcs.pcre.org/pcre/code/trunk/pcre_exec.c?r1=1502&r2=1510" - }, - { - "name" : "https://bugs.exim.org/show_bug.cgi?id=1537", - "refsource" : "CONFIRM", - "url" : "https://bugs.exim.org/show_bug.cgi?id=1537" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1187225", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1187225" - }, - { - "name" : "https://bto.bluecoat.com/security-advisory/sa128", - "refsource" : "CONFIRM", - "url" : "https://bto.bluecoat.com/security-advisory/sa128" - }, - { - "name" : "76157", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76157" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|(?:abcdef))))b)abcdefghi)abc)|((*ACCEPT)))/ pattern and related patterns involving (*ACCEPT), which allows remote attackers to obtain sensitive information from process memory or cause a denial of service (partially initialized memory and application crash) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-2547." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20151128 Re: Heap Overflow in PCRE", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/11/29/1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1187225", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1187225" + }, + { + "name": "76157", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76157" + }, + { + "name": "[oss-security] 20150804 Re: CVE Request: Information disclosure in pcre", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/08/04/3" + }, + { + "name": "https://bugs.exim.org/show_bug.cgi?id=1537", + "refsource": "CONFIRM", + "url": "https://bugs.exim.org/show_bug.cgi?id=1537" + }, + { + "name": "http://git.php.net/?p=php-src.git;a=commit;h=c351b47ce85a3a147cfa801fa9f0149ab4160834", + "refsource": "CONFIRM", + "url": "http://git.php.net/?p=php-src.git;a=commit;h=c351b47ce85a3a147cfa801fa9f0149ab4160834" + }, + { + "name": "https://bto.bluecoat.com/security-advisory/sa128", + "refsource": "CONFIRM", + "url": "https://bto.bluecoat.com/security-advisory/sa128" + }, + { + "name": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup", + "refsource": "CONFIRM", + "url": "http://vcs.pcre.org/pcre/code/trunk/ChangeLog?view=markup" + }, + { + "name": "http://vcs.pcre.org/pcre/code/trunk/pcre_exec.c?r1=1502&r2=1510", + "refsource": "CONFIRM", + "url": "http://vcs.pcre.org/pcre/code/trunk/pcre_exec.c?r1=1502&r2=1510" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0090.json b/2016/0xxx/CVE-2016-0090.json index 18dbb1caf4c..704dbc53543 100644 --- a/2016/0xxx/CVE-2016-0090.json +++ b/2016/0xxx/CVE-2016-0090.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0090", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 allows guest OS users to obtain sensitive information from host OS memory via a crafted application, aka \"Hyper-V Information Disclosure Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0090", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-045", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-045" - }, - { - "name" : "1035538", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035538" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 allows guest OS users to obtain sensitive information from host OS memory via a crafted application, aka \"Hyper-V Information Disclosure Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS16-045", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-045" + }, + { + "name": "1035538", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035538" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0494.json b/2016/0xxx/CVE-2016-0494.json index d1f8fb8c66c..ecdb6d36aee 100644 --- a/2016/0xxx/CVE-2016-0494.json +++ b/2016/0xxx/CVE-2016-0494.json @@ -1,187 +1,187 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0494", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0494", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "DSA-3465", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3465" - }, - { - "name" : "DSA-3458", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3458" - }, - { - "name" : "GLSA-201603-14", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-14" - }, - { - "name" : "GLSA-201610-08", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-08" - }, - { - "name" : "RHSA-2016:1430", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1430" - }, - { - "name" : "RHSA-2016:0049", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0049.html" - }, - { - "name" : "RHSA-2016:0050", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0050.html" - }, - { - "name" : "RHSA-2016:0053", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0053.html" - }, - { - "name" : "RHSA-2016:0054", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0054.html" - }, - { - "name" : "RHSA-2016:0055", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0055.html" - }, - { - "name" : "RHSA-2016:0056", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0056.html" - }, - { - "name" : "RHSA-2016:0057", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0057.html" - }, - { - "name" : "RHSA-2016:0067", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0067.html" - }, - { - "name" : "SUSE-SU-2016:0256", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" - }, - { - "name" : "SUSE-SU-2016:0265", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" - }, - { - "name" : "SUSE-SU-2016:0269", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" - }, - { - "name" : "openSUSE-SU-2016:0263", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" - }, - { - "name" : "openSUSE-SU-2016:0268", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" - }, - { - "name" : "openSUSE-SU-2016:0270", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" - }, - { - "name" : "openSUSE-SU-2016:0272", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" - }, - { - "name" : "openSUSE-SU-2016:0279", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" - }, - { - "name" : "USN-2884-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2884-1" - }, - { - "name" : "USN-2885-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2885-1" - }, - { - "name" : "1034715", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034715" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0272", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" + }, + { + "name": "1034715", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034715" + }, + { + "name": "openSUSE-SU-2016:0279", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" + }, + { + "name": "GLSA-201610-08", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-08" + }, + { + "name": "USN-2884-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2884-1" + }, + { + "name": "DSA-3465", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3465" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "USN-2885-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2885-1" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "RHSA-2016:1430", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1430" + }, + { + "name": "RHSA-2016:0049", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" + }, + { + "name": "openSUSE-SU-2016:0270", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" + }, + { + "name": "RHSA-2016:0053", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" + }, + { + "name": "SUSE-SU-2016:0269", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" + }, + { + "name": "RHSA-2016:0067", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" + }, + { + "name": "openSUSE-SU-2016:0263", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" + }, + { + "name": "SUSE-SU-2016:0256", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" + }, + { + "name": "GLSA-201603-14", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-14" + }, + { + "name": "RHSA-2016:0057", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" + }, + { + "name": "RHSA-2016:0055", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" + }, + { + "name": "RHSA-2016:0054", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" + }, + { + "name": "RHSA-2016:0056", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" + }, + { + "name": "openSUSE-SU-2016:0268", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" + }, + { + "name": "RHSA-2016:0050", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" + }, + { + "name": "DSA-3458", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3458" + }, + { + "name": "SUSE-SU-2016:0265", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0942.json b/2016/0xxx/CVE-2016-0942.json index 706bad2669f..3e78a18706d 100644 --- a/2016/0xxx/CVE-2016-0942.json +++ b/2016/0xxx/CVE-2016-0942.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0942", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0942", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" - }, - { - "name" : "1034646", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034646" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034646", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034646" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-02.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000201.json b/2016/1000xxx/CVE-2016-1000201.json index 1960fcacb91..021c9b3e369 100644 --- a/2016/1000xxx/CVE-2016-1000201.json +++ b/2016/1000xxx/CVE-2016-1000201.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000201", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000201", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1370.json b/2016/1xxx/CVE-2016-1370.json index 84c48415fd5..b8ffe42abc8 100644 --- a/2016/1xxx/CVE-2016-1370.json +++ b/2016/1xxx/CVE-2016-1370.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1370", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco Prime Network Analysis Module (NAM) before 6.2(1-b) miscalculates IPv6 payload lengths, which allows remote attackers to cause a denial of service (mond process crash and monitoring outage) via crafted IPv6 packets, aka Bug ID CSCuy37324." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1370", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160601 Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3" - }, - { - "name" : "1036016", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036016" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco Prime Network Analysis Module (NAM) before 6.2(1-b) miscalculates IPv6 payload lengths, which allows remote attackers to cause a denial of service (mond process crash and monitoring outage) via crafted IPv6 packets, aka Bug ID CSCuy37324." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036016", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036016" + }, + { + "name": "20160601 Cisco Prime Network Analysis Module IPv6 Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160601-prime3" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1377.json b/2016/1xxx/CVE-2016-1377.json index 5367a4b73a4..b28dac95089 100644 --- a/2016/1xxx/CVE-2016-1377.json +++ b/2016/1xxx/CVE-2016-1377.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1377", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1377", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160412 Cisco Unity Connection Cross-Site Scripting Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-unity" - }, - { - "name" : "1035562", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035562" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Cisco Unity Connection through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCus21776." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035562", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035562" + }, + { + "name": "20160412 Cisco Unity Connection Cross-Site Scripting Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-unity" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1661.json b/2016/1xxx/CVE-2016-1661.json index 31e166c903b..012c56a2ca1 100644 --- a/2016/1xxx/CVE-2016-1661.json +++ b/2016/1xxx/CVE-2016-1661.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1661", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1661", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html" - }, - { - "name" : "https://codereview.chromium.org/1887553002/", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1887553002/" - }, - { - "name" : "https://crbug.com/601629", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/601629" - }, - { - "name" : "DSA-3564", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3564" - }, - { - "name" : "GLSA-201605-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201605-02" - }, - { - "name" : "RHSA-2016:0707", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0707.html" - }, - { - "name" : "openSUSE-SU-2016:1655", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html" - }, - { - "name" : "openSUSE-SU-2016:1207", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html" - }, - { - "name" : "openSUSE-SU-2016:1208", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html" - }, - { - "name" : "openSUSE-SU-2016:1209", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html" - }, - { - "name" : "USN-2960-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2960-1" - }, - { - "name" : "89106", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/89106" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Blink, as used in Google Chrome before 50.0.2661.94, does not ensure that frames satisfy a check for the same renderer process in addition to a Same Origin Policy check, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted web site, related to BindingSecurity.cpp and DOMWindow.cpp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:1208", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00003.html" + }, + { + "name": "DSA-3564", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3564" + }, + { + "name": "openSUSE-SU-2016:1655", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html" + }, + { + "name": "openSUSE-SU-2016:1209", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00004.html" + }, + { + "name": "USN-2960-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2960-1" + }, + { + "name": "https://codereview.chromium.org/1887553002/", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1887553002/" + }, + { + "name": "89106", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/89106" + }, + { + "name": "https://crbug.com/601629", + "refsource": "CONFIRM", + "url": "https://crbug.com/601629" + }, + { + "name": "openSUSE-SU-2016:1207", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00002.html" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html" + }, + { + "name": "RHSA-2016:0707", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0707.html" + }, + { + "name": "GLSA-201605-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201605-02" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4446.json b/2016/4xxx/CVE-2016-4446.json index 4e11960ab8d..1d69190d1ed 100644 --- a/2016/4xxx/CVE-2016-4446.json +++ b/2016/4xxx/CVE-2016-4446.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4446", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4446", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160621 Re: SELinux troubles", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2016/q2/575" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1339250", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1339250" - }, - { - "name" : "https://github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718", - "refsource" : "CONFIRM", - "url" : "https://github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718" - }, - { - "name" : "RHSA-2016:1267", - "refsource" : "REDHAT", - "url" : "https://rhn.redhat.com/errata/RHSA-2016-1267.html" - }, - { - "name" : "RHSA-2016:1293", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1293" - }, - { - "name" : "91427", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91427" - }, - { - "name" : "1036144", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036144" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by triggering an execstack SELinux denial with a crafted filename, related to the commands.getoutput function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2016:1267", + "refsource": "REDHAT", + "url": "https://rhn.redhat.com/errata/RHSA-2016-1267.html" + }, + { + "name": "https://github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718", + "refsource": "CONFIRM", + "url": "https://github.com/fedora-selinux/setroubleshoot/commit/eaccf4c0d20a27d3df5ff6de8c9dcc80f6f40718" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1339250", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1339250" + }, + { + "name": "91427", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91427" + }, + { + "name": "1036144", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036144" + }, + { + "name": "[oss-security] 20160621 Re: SELinux troubles", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2016/q2/575" + }, + { + "name": "RHSA-2016:1293", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1293" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4837.json b/2016/4xxx/CVE-2016-4837.json index a1ca60af916..e498b41d6b9 100644 --- a/2016/4xxx/CVE-2016-4837.json +++ b/2016/4xxx/CVE-2016-4837.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4837", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Seed Coupon plugin before 1.6 for EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4837", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ec-cube.net/products/detail.php?product_id=493", - "refsource" : "CONFIRM", - "url" : "http://www.ec-cube.net/products/detail.php?product_id=493" - }, - { - "name" : "JVN#40696431", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN40696431/index.html" - }, - { - "name" : "JVNDB-2016-000130", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000130" - }, - { - "name" : "92090", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92090" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Seed Coupon plugin before 1.6 for EC-CUBE allows remote attackers to execute arbitrary SQL commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000130", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000130" + }, + { + "name": "92090", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92090" + }, + { + "name": "JVN#40696431", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN40696431/index.html" + }, + { + "name": "http://www.ec-cube.net/products/detail.php?product_id=493", + "refsource": "CONFIRM", + "url": "http://www.ec-cube.net/products/detail.php?product_id=493" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5148.json b/2016/5xxx/CVE-2016-5148.json index 0be0137a0d5..1fe18c67846 100644 --- a/2016/5xxx/CVE-2016-5148.json +++ b/2016/5xxx/CVE-2016-5148.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5148", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka \"Universal XSS (UXSS).\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-5148", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://codereview.chromium.org/2134113002", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/2134113002" - }, - { - "name" : "https://crbug.com/621362", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/621362" - }, - { - "name" : "https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html", - "refsource" : "CONFIRM", - "url" : "https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html" - }, - { - "name" : "DSA-3660", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3660" - }, - { - "name" : "GLSA-201610-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-09" - }, - { - "name" : "RHSA-2016:1854", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1854.html" - }, - { - "name" : "openSUSE-SU-2016:2349", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html" - }, - { - "name" : "SUSE-SU-2016:2251", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.html" - }, - { - "name" : "openSUSE-SU-2016:2250", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html" - }, - { - "name" : "openSUSE-SU-2016:2296", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.html" - }, - { - "name" : "92717", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92717" - }, - { - "name" : "1036729", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036729" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Blink, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to inject arbitrary web script or HTML via vectors related to widget updates, aka \"Universal XSS (UXSS).\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:2250", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html" + }, + { + "name": "https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html", + "refsource": "CONFIRM", + "url": "https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html" + }, + { + "name": "SUSE-SU-2016:2251", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.html" + }, + { + "name": "92717", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92717" + }, + { + "name": "1036729", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036729" + }, + { + "name": "https://codereview.chromium.org/2134113002", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/2134113002" + }, + { + "name": "openSUSE-SU-2016:2349", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html" + }, + { + "name": "https://crbug.com/621362", + "refsource": "CONFIRM", + "url": "https://crbug.com/621362" + }, + { + "name": "DSA-3660", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3660" + }, + { + "name": "GLSA-201610-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-09" + }, + { + "name": "openSUSE-SU-2016:2296", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.html" + }, + { + "name": "RHSA-2016:1854", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1854.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5344.json b/2016/5xxx/CVE-2016-5344.json index 8016b948900..2194d9abfb3 100644 --- a/2016/5xxx/CVE-2016-5344.json +++ b/2016/5xxx/CVE-2016-5344.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5344", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service or possibly have unspecified other impact via a large size value, related to mdss_compat_utils.c, mdss_fb.c, and mdss_rotator.c." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5344", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=1d2297267c24f2c44bd0ecb244ddb8bc880a29b7", - "refsource" : "CONFIRM", - "url" : "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=1d2297267c24f2c44bd0ecb244ddb8bc880a29b7" - }, - { - "name" : "https://www.codeaurora.org/integer-overflow-mdss-driver-cve-2016-5344", - "refsource" : "CONFIRM", - "url" : "https://www.codeaurora.org/integer-overflow-mdss-driver-cve-2016-5344" - }, - { - "name" : "http://source.android.com/security/bulletin/2016-10-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2016-10-01.html" - }, - { - "name" : "92695", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92695" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service or possibly have unspecified other impact via a large size value, related to mdss_compat_utils.c, mdss_fb.c, and mdss_rotator.c." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=1d2297267c24f2c44bd0ecb244ddb8bc880a29b7", + "refsource": "CONFIRM", + "url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=1d2297267c24f2c44bd0ecb244ddb8bc880a29b7" + }, + { + "name": "https://www.codeaurora.org/integer-overflow-mdss-driver-cve-2016-5344", + "refsource": "CONFIRM", + "url": "https://www.codeaurora.org/integer-overflow-mdss-driver-cve-2016-5344" + }, + { + "name": "http://source.android.com/security/bulletin/2016-10-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2016-10-01.html" + }, + { + "name": "92695", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92695" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5394.json b/2016/5xxx/CVE-2016-5394.json index 42b9111d336..f8da6f153a7 100644 --- a/2016/5xxx/CVE-2016-5394.json +++ b/2016/5xxx/CVE-2016-5394.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@apache.org", - "DATE_PUBLIC" : "2017-07-18T00:00:00", - "ID" : "CVE-2016-5394", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Apache Sling", - "version" : { - "version_data" : [ - { - "version_value" : "prior to 1.0.12" - } - ] - } - } - ] - }, - "vendor_name" : "Apache Software Foundation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to pass through unencoded, leading to potential XSS vulnerabilities." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "DATE_PUBLIC": "2017-07-18T00:00:00", + "ID": "CVE-2016-5394", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Apache Sling", + "version": { + "version_data": [ + { + "version_value": "prior to 1.0.12" + } + ] + } + } + ] + }, + "vendor_name": "Apache Software Foundation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://lists.apache.org/thread.html/332166037a54b97cf41e2b616aaed38439de94b19b204841478e4525@%3Cdev.sling.apache.org%3E", - "refsource" : "MISC", - "url" : "https://lists.apache.org/thread.html/332166037a54b97cf41e2b616aaed38439de94b19b204841478e4525@%3Cdev.sling.apache.org%3E" - }, - { - "name" : "99870", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99870" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to pass through unencoded, leading to potential XSS vulnerabilities." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://lists.apache.org/thread.html/332166037a54b97cf41e2b616aaed38439de94b19b204841478e4525@%3Cdev.sling.apache.org%3E", + "refsource": "MISC", + "url": "https://lists.apache.org/thread.html/332166037a54b97cf41e2b616aaed38439de94b19b204841478e4525@%3Cdev.sling.apache.org%3E" + }, + { + "name": "99870", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99870" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5911.json b/2016/5xxx/CVE-2016-5911.json index 6b27601c33b..ba73f18293b 100644 --- a/2016/5xxx/CVE-2016-5911.json +++ b/2016/5xxx/CVE-2016-5911.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5911", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5911", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0221.json b/2019/0xxx/CVE-2019-0221.json index 1a3c0f96ac0..28e75b98267 100644 --- a/2019/0xxx/CVE-2019-0221.json +++ b/2019/0xxx/CVE-2019-0221.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0221", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0221", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0246.json b/2019/0xxx/CVE-2019-0246.json index 0426a0ab523..d8f88f71f5a 100644 --- a/2019/0xxx/CVE-2019-0246.json +++ b/2019/0xxx/CVE-2019-0246.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2019-0246", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP Cloud Connector", - "version" : { - "version_data" : [ - { - "version_name" : "<", - "version_value" : "2.11.3" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Missing Authentication" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2019-0246", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP Cloud Connector", + "version": { + "version_data": [ + { + "version_name": "<", + "version_value": "2.11.3" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2696233", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2696233" - }, - { - "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985", - "refsource" : "MISC", - "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985" - }, - { - "name" : "106463", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106463" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Authentication" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://launchpad.support.sap.com/#/notes/2696233", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2696233" + }, + { + "name": "106463", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106463" + }, + { + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985", + "refsource": "MISC", + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0459.json b/2019/0xxx/CVE-2019-0459.json index 9d510110497..372e71c3893 100644 --- a/2019/0xxx/CVE-2019-0459.json +++ b/2019/0xxx/CVE-2019-0459.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0459", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0459", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0527.json b/2019/0xxx/CVE-2019-0527.json index 34e9ae5f421..02985ad55d1 100644 --- a/2019/0xxx/CVE-2019-0527.json +++ b/2019/0xxx/CVE-2019-0527.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0527", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0527", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1010.json b/2019/1xxx/CVE-2019-1010.json index 044f59ebf4e..6b8ab4a0b9c 100644 --- a/2019/1xxx/CVE-2019-1010.json +++ b/2019/1xxx/CVE-2019-1010.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1010", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1010", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1100.json b/2019/1xxx/CVE-2019-1100.json index b9367bcc9ff..3741c96a248 100644 --- a/2019/1xxx/CVE-2019-1100.json +++ b/2019/1xxx/CVE-2019-1100.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1100", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1100", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1777.json b/2019/1xxx/CVE-2019-1777.json index b4ea155c661..ba730665695 100644 --- a/2019/1xxx/CVE-2019-1777.json +++ b/2019/1xxx/CVE-2019-1777.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1777", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1777", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3170.json b/2019/3xxx/CVE-2019-3170.json index 9b93ae7b187..a12e957c0df 100644 --- a/2019/3xxx/CVE-2019-3170.json +++ b/2019/3xxx/CVE-2019-3170.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3170", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3170", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3723.json b/2019/3xxx/CVE-2019-3723.json index 495d8ca88f7..9564c9d32e8 100644 --- a/2019/3xxx/CVE-2019-3723.json +++ b/2019/3xxx/CVE-2019-3723.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3723", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3723", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3990.json b/2019/3xxx/CVE-2019-3990.json index c76558197aa..00210e66ea4 100644 --- a/2019/3xxx/CVE-2019-3990.json +++ b/2019/3xxx/CVE-2019-3990.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3990", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3990", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4101.json b/2019/4xxx/CVE-2019-4101.json index c1c18457518..976ae601627 100644 --- a/2019/4xxx/CVE-2019-4101.json +++ b/2019/4xxx/CVE-2019-4101.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4101", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4101", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4494.json b/2019/4xxx/CVE-2019-4494.json index 5ab60854921..23e93c0a861 100644 --- a/2019/4xxx/CVE-2019-4494.json +++ b/2019/4xxx/CVE-2019-4494.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4494", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4494", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4534.json b/2019/4xxx/CVE-2019-4534.json index 617fd45e75b..a1ed8e74765 100644 --- a/2019/4xxx/CVE-2019-4534.json +++ b/2019/4xxx/CVE-2019-4534.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4534", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4534", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4664.json b/2019/4xxx/CVE-2019-4664.json index 37901201a7e..f8b9120b82b 100644 --- a/2019/4xxx/CVE-2019-4664.json +++ b/2019/4xxx/CVE-2019-4664.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4664", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4664", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8127.json b/2019/8xxx/CVE-2019-8127.json index be65f14f361..ea3802e1fec 100644 --- a/2019/8xxx/CVE-2019-8127.json +++ b/2019/8xxx/CVE-2019-8127.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8127", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8127", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8251.json b/2019/8xxx/CVE-2019-8251.json index dd85bb0df05..5e197793995 100644 --- a/2019/8xxx/CVE-2019-8251.json +++ b/2019/8xxx/CVE-2019-8251.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8251", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8251", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8402.json b/2019/8xxx/CVE-2019-8402.json index 1f248dc5437..5ea9ad7883a 100644 --- a/2019/8xxx/CVE-2019-8402.json +++ b/2019/8xxx/CVE-2019-8402.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8402", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8402", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8543.json b/2019/8xxx/CVE-2019-8543.json index 174c2f1bffd..79b8d4921aa 100644 --- a/2019/8xxx/CVE-2019-8543.json +++ b/2019/8xxx/CVE-2019-8543.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8543", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8543", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9056.json b/2019/9xxx/CVE-2019-9056.json index 52930535899..a69580f31aa 100644 --- a/2019/9xxx/CVE-2019-9056.json +++ b/2019/9xxx/CVE-2019-9056.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9056", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9056", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9226.json b/2019/9xxx/CVE-2019-9226.json index 8cada88f0e5..e12716a8c0d 100644 --- a/2019/9xxx/CVE-2019-9226.json +++ b/2019/9xxx/CVE-2019-9226.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9226", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in baigo CMS 2.1.1. There is a persistent XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the opt[base][BG_SITE_NAME] parameter to the bg_console/index.php?m=opt&c=request URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9226", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/baigoStudio/baigoCMS/issues/7", - "refsource" : "MISC", - "url" : "https://github.com/baigoStudio/baigoCMS/issues/7" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in baigo CMS 2.1.1. There is a persistent XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the opt[base][BG_SITE_NAME] parameter to the bg_console/index.php?m=opt&c=request URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/baigoStudio/baigoCMS/issues/7", + "refsource": "MISC", + "url": "https://github.com/baigoStudio/baigoCMS/issues/7" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9527.json b/2019/9xxx/CVE-2019-9527.json index 9e5db5870e1..88ca5a9f8f6 100644 --- a/2019/9xxx/CVE-2019-9527.json +++ b/2019/9xxx/CVE-2019-9527.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9527", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9527", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9612.json b/2019/9xxx/CVE-2019-9612.json index 1260c6fde89..5a86b984e2b 100644 --- a/2019/9xxx/CVE-2019-9612.json +++ b/2019/9xxx/CVE-2019-9612.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9612", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/comn/service/upload URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9612", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.seebug.org/vuldb/ssvid-97835", - "refsource" : "MISC", - "url" : "https://www.seebug.org/vuldb/ssvid-97835" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/comn/service/upload URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.seebug.org/vuldb/ssvid-97835", + "refsource": "MISC", + "url": "https://www.seebug.org/vuldb/ssvid-97835" + } + ] + } +} \ No newline at end of file