From e507f2841c10a71a6ac4deeba4a45aa4bca49c19 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 05:00:49 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0313.json | 160 +++++++++++------------ 1999/0xxx/CVE-1999-0634.json | 34 ++--- 1999/0xxx/CVE-1999-0770.json | 130 +++++++++--------- 2007/0xxx/CVE-2007-0207.json | 34 ++--- 2007/0xxx/CVE-2007-0363.json | 170 ++++++++++++------------ 2007/1xxx/CVE-2007-1076.json | 200 ++++++++++++++-------------- 2007/1xxx/CVE-2007-1159.json | 130 +++++++++--------- 2007/1xxx/CVE-2007-1183.json | 160 +++++++++++------------ 2007/1xxx/CVE-2007-1189.json | 160 +++++++++++------------ 2007/1xxx/CVE-2007-1811.json | 140 ++++++++++---------- 2007/5xxx/CVE-2007-5221.json | 170 ++++++++++++------------ 2007/5xxx/CVE-2007-5580.json | 210 +++++++++++++++--------------- 2007/5xxx/CVE-2007-5941.json | 140 ++++++++++---------- 2015/3xxx/CVE-2015-3317.json | 150 ++++++++++----------- 2015/3xxx/CVE-2015-3375.json | 160 +++++++++++------------ 2015/3xxx/CVE-2015-3581.json | 34 ++--- 2015/3xxx/CVE-2015-3844.json | 130 +++++++++--------- 2015/4xxx/CVE-2015-4319.json | 140 ++++++++++---------- 2015/4xxx/CVE-2015-4457.json | 34 ++--- 2015/7xxx/CVE-2015-7881.json | 130 +++++++++--------- 2015/8xxx/CVE-2015-8453.json | 220 +++++++++++++++---------------- 2015/8xxx/CVE-2015-8705.json | 190 +++++++++++++-------------- 2015/8xxx/CVE-2015-8734.json | 160 +++++++++++------------ 2015/9xxx/CVE-2015-9191.json | 132 +++++++++---------- 2016/0xxx/CVE-2016-0072.json | 140 ++++++++++---------- 2016/1xxx/CVE-2016-1446.json | 140 ++++++++++---------- 2016/1xxx/CVE-2016-1636.json | 230 ++++++++++++++++---------------- 2016/1xxx/CVE-2016-1680.json | 230 ++++++++++++++++---------------- 2016/1xxx/CVE-2016-1890.json | 34 ++--- 2016/5xxx/CVE-2016-5079.json | 34 ++--- 2016/5xxx/CVE-2016-5291.json | 246 +++++++++++++++++------------------ 2016/5xxx/CVE-2016-5330.json | 190 +++++++++++++-------------- 2016/5xxx/CVE-2016-5476.json | 150 ++++++++++----------- 2016/5xxx/CVE-2016-5606.json | 140 ++++++++++---------- 2018/2xxx/CVE-2018-2403.json | 174 ++++++++++++------------- 2018/2xxx/CVE-2018-2941.json | 208 ++++++++++++++--------------- 2019/0xxx/CVE-2019-0084.json | 34 ++--- 2019/0xxx/CVE-2019-0239.json | 34 ++--- 2019/0xxx/CVE-2019-0605.json | 246 +++++++++++++++++------------------ 2019/0xxx/CVE-2019-0763.json | 34 ++--- 2019/0xxx/CVE-2019-0970.json | 34 ++--- 2019/1xxx/CVE-2019-1205.json | 34 ++--- 2019/1xxx/CVE-2019-1240.json | 34 ++--- 2019/1xxx/CVE-2019-1366.json | 34 ++--- 2019/1xxx/CVE-2019-1544.json | 34 ++--- 2019/4xxx/CVE-2019-4131.json | 34 ++--- 2019/4xxx/CVE-2019-4148.json | 34 ++--- 2019/4xxx/CVE-2019-4286.json | 34 ++--- 2019/4xxx/CVE-2019-4355.json | 34 ++--- 2019/5xxx/CVE-2019-5043.json | 34 ++--- 2019/5xxx/CVE-2019-5391.json | 34 ++--- 2019/5xxx/CVE-2019-5421.json | 34 ++--- 2019/5xxx/CVE-2019-5622.json | 34 ++--- 2019/9xxx/CVE-2019-9001.json | 34 ++--- 2019/9xxx/CVE-2019-9192.json | 120 ++++++++--------- 2019/9xxx/CVE-2019-9725.json | 120 ++++++++--------- 56 files changed, 3149 insertions(+), 3149 deletions(-) diff --git a/1999/0xxx/CVE-1999-0313.json b/1999/0xxx/CVE-1999-0313.json index aaf37720617..13d41eabb3c 100644 --- a/1999/0xxx/CVE-1999-0313.json +++ b/1999/0xxx/CVE-1999-0313.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0313", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0313", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securityfocus.com/bid/213/exploit", - "refsource" : "MISC", - "url" : "http://www.securityfocus.com/bid/213/exploit" - }, - { - "name" : "19980701-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/19980701-01-P" - }, - { - "name" : "214", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/214" - }, - { - "name" : "936", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/936" - }, - { - "name" : "sgi-disk-bandwidth(1441)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1441" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "disk_bandwidth on SGI IRIX 6.4 S2MP for Origin/Onyx2 allows local users to gain root access using relative pathnames." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "214", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/214" + }, + { + "name": "sgi-disk-bandwidth(1441)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1441" + }, + { + "name": "936", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/936" + }, + { + "name": "http://www.securityfocus.com/bid/213/exploit", + "refsource": "MISC", + "url": "http://www.securityfocus.com/bid/213/exploit" + }, + { + "name": "19980701-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/19980701-01-P" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0634.json b/1999/0xxx/CVE-1999-0634.json index 7c2c3ca908b..ea61ee5626c 100644 --- a/1999/0xxx/CVE-1999-0634.json +++ b/1999/0xxx/CVE-1999-0634.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0634", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"The SSH service is running.\"" - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-1999-0634", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"The SSH service is running.\"" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0770.json b/1999/0xxx/CVE-1999-0770.json index 40fef044aac..d5bc616ddfa 100644 --- a/1999/0xxx/CVE-1999-0770.json +++ b/1999/0xxx/CVE-1999-0770.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0770", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0770", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "549", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/549" - }, - { - "name" : "1027", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/1027" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1027", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/1027" + }, + { + "name": "549", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/549" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0207.json b/2007/0xxx/CVE-2007-0207.json index 126245e87f4..6c7d0f0f6ff 100644 --- a/2007/0xxx/CVE-2007-0207.json +++ b/2007/0xxx/CVE-2007-0207.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0207", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-0207", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2007. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0363.json b/2007/0xxx/CVE-2007-0363.json index d101d87298d..f11e2684af8 100644 --- a/2007/0xxx/CVE-2007-0363.json +++ b/2007/0xxx/CVE-2007-0363.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0363", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in admin-search.php in (1) Openads for PostgreSQL (aka phpPgAds) before 2.0.10 and (2) Openads (aka phpAdsNew) before 2.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0363", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/project/shownotes.php?group_id=11386&release_id=479424", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?group_id=11386&release_id=479424" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?group_id=36679&release_id=479426", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?group_id=36679&release_id=479426" - }, - { - "name" : "22124", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22124" - }, - { - "name" : "ADV-2007-0240", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0240" - }, - { - "name" : "23720", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23720" - }, - { - "name" : "openads-unspecified-xss(31570)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31570" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in admin-search.php in (1) Openads for PostgreSQL (aka phpPgAds) before 2.0.10 and (2) Openads (aka phpAdsNew) before 2.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23720", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23720" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?group_id=11386&release_id=479424", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?group_id=11386&release_id=479424" + }, + { + "name": "22124", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22124" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?group_id=36679&release_id=479426", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?group_id=36679&release_id=479426" + }, + { + "name": "ADV-2007-0240", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0240" + }, + { + "name": "openads-unspecified-xss(31570)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31570" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1076.json b/2007/1xxx/CVE-2007-1076.json index feda16bf034..e7e74743dd3 100644 --- a/2007/1xxx/CVE-2007-1076.json +++ b/2007/1xxx/CVE-2007-1076.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1076", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1076", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1", - "refsource" : "MISC", - "url" : "http://www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1" - }, - { - "name" : "http://soft.zoneo.net/phpTrafficA/news.php", - "refsource" : "CONFIRM", - "url" : "http://soft.zoneo.net/phpTrafficA/news.php" - }, - { - "name" : "20070222 [true] phpTrafficA-1.4.1 Local File Inclusion", - "refsource" : "VIM", - "url" : "http://attrition.org/pipermail/vim/2007-February/001377.html" - }, - { - "name" : "22655", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22655" - }, - { - "name" : "ADV-2007-0709", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0709" - }, - { - "name" : "33373", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33373" - }, - { - "name" : "33374", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33374" - }, - { - "name" : "24242", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24242" - }, - { - "name" : "phptraffica-plotstat-banref-file-include(32628)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32628" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote attackers to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24242", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24242" + }, + { + "name": "20070222 [true] phpTrafficA-1.4.1 Local File Inclusion", + "refsource": "VIM", + "url": "http://attrition.org/pipermail/vim/2007-February/001377.html" + }, + { + "name": "ADV-2007-0709", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0709" + }, + { + "name": "http://soft.zoneo.net/phpTrafficA/news.php", + "refsource": "CONFIRM", + "url": "http://soft.zoneo.net/phpTrafficA/news.php" + }, + { + "name": "22655", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22655" + }, + { + "name": "phptraffica-plotstat-banref-file-include(32628)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32628" + }, + { + "name": "http://www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1", + "refsource": "MISC", + "url": "http://www.bugtraq.ir/articles/file-inclusion/phpTrafficA-1.4.1-Local-File-Inclusion/1" + }, + { + "name": "33373", + "refsource": "OSVDB", + "url": "http://osvdb.org/33373" + }, + { + "name": "33374", + "refsource": "OSVDB", + "url": "http://osvdb.org/33374" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1159.json b/2007/1xxx/CVE-2007-1159.json index 0bd91e49dab..a1e4605d74e 100644 --- a/2007/1xxx/CVE-2007-1159.json +++ b/2007/1xxx/CVE-2007-1159.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1159", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in modules/out.php in Pyrophobia 2.1.3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1159", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "22667", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22667" - }, - { - "name" : "36879", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36879" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in modules/out.php in Pyrophobia 2.1.3.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36879", + "refsource": "OSVDB", + "url": "http://osvdb.org/36879" + }, + { + "name": "22667", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22667" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1183.json b/2007/1xxx/CVE-2007-1183.json index d3e073f81f7..36353558c30 100644 --- a/2007/1xxx/CVE-2007-1183.json +++ b/2007/1xxx/CVE-2007-1183.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1183", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebAPP before 0.9.9.5 allows remote authenticated users to spoof another user's Real Name via whitespace, which has unknown impact and attack vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1183", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250", - "refsource" : "CONFIRM", - "url" : "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250" - }, - { - "name" : "22563", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22563" - }, - { - "name" : "ADV-2007-0604", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0604" - }, - { - "name" : "33293", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33293" - }, - { - "name" : "24080", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24080" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebAPP before 0.9.9.5 allows remote authenticated users to spoof another user's Real Name via whitespace, which has unknown impact and attack vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250", + "refsource": "CONFIRM", + "url": "http://www.web-app.org/cgi-bin/index.cgi?action=viewnews&id=250" + }, + { + "name": "ADV-2007-0604", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0604" + }, + { + "name": "33293", + "refsource": "OSVDB", + "url": "http://osvdb.org/33293" + }, + { + "name": "24080", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24080" + }, + { + "name": "22563", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22563" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1189.json b/2007/1xxx/CVE-2007-1189.json index 55647c23377..ce545f6602d 100644 --- a/2007/1xxx/CVE-2007-1189.json +++ b/2007/1xxx/CVE-2007-1189.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1189", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the devpermcheck function grant unrestricted device permissions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1189", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3383", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3383" - }, - { - "name" : "[dailydave] 20070227 Wow, free kernel zero day?", - "refsource" : "MLIST", - "url" : "http://lists.immunitysec.com/pipermail/dailydave/2007-February/004118.html" - }, - { - "name" : "http://kernelspace.us/itheft.c", - "refsource" : "MISC", - "url" : "http://kernelspace.us/itheft.c" - }, - { - "name" : "22749", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22749" - }, - { - "name" : "34956", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34956" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the envwrite function in the Alcatel-Lucent Bell Labs Plan 9 kernel allows local users to overwrite certain memory addresses with kernel memory via a large n argument, as demonstrated by (1) modifying the iseve function to gain privileges and (2) making the devpermcheck function grant unrestricted device permissions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22749", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22749" + }, + { + "name": "3383", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3383" + }, + { + "name": "http://kernelspace.us/itheft.c", + "refsource": "MISC", + "url": "http://kernelspace.us/itheft.c" + }, + { + "name": "34956", + "refsource": "OSVDB", + "url": "http://osvdb.org/34956" + }, + { + "name": "[dailydave] 20070227 Wow, free kernel zero day?", + "refsource": "MLIST", + "url": "http://lists.immunitysec.com/pipermail/dailydave/2007-February/004118.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1811.json b/2007/1xxx/CVE-2007-1811.json index fdadf1aae9f..fd5ff0e0378 100644 --- a/2007/1xxx/CVE-2007-1811.json +++ b/2007/1xxx/CVE-2007-1811.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1811", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1811", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3625", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3625" - }, - { - "name" : "34470", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34470" - }, - { - "name" : "xoops-tinyevent-index-sql-injection(33359)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33359" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in the Tiny Event (tinyevent) 1.01 and earlier module for Xoops allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34470", + "refsource": "OSVDB", + "url": "http://osvdb.org/34470" + }, + { + "name": "3625", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3625" + }, + { + "name": "xoops-tinyevent-index-sql-injection(33359)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33359" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5221.json b/2007/5xxx/CVE-2007-5221.json index 0732d6b5c29..d5fb1a26baa 100644 --- a/2007/5xxx/CVE-2007-5221.json +++ b/2007/5xxx/CVE-2007-5221.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5221", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in mail/childwindow.inc.php in Poppawid 2.7 allows remote attackers to execute arbitrary PHP code via a URL in the form parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5221", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4481", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4481" - }, - { - "name" : "25897", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25897" - }, - { - "name" : "ADV-2007-3343", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3343" - }, - { - "name" : "37422", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37422" - }, - { - "name" : "27050", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27050" - }, - { - "name" : "poppawid-childwindow-file-include(36922)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36922" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in mail/childwindow.inc.php in Poppawid 2.7 allows remote attackers to execute arbitrary PHP code via a URL in the form parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "poppawid-childwindow-file-include(36922)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36922" + }, + { + "name": "ADV-2007-3343", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3343" + }, + { + "name": "4481", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4481" + }, + { + "name": "37422", + "refsource": "OSVDB", + "url": "http://osvdb.org/37422" + }, + { + "name": "27050", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27050" + }, + { + "name": "25897", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25897" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5580.json b/2007/5xxx/CVE-2007-5580.json index d5d8500d9c3..0882d52fb94 100644 --- a/2007/5xxx/CVE-2007-5580.json +++ b/2007/5xxx/CVE-2007-5580.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2007-5580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/484669/100/100/threaded" - }, - { - "name" : "http://www.nsfocus.com/english/homepage/research/0702.htm", - "refsource" : "MISC", - "url" : "http://www.nsfocus.com/english/homepage/research/0702.htm" - }, - { - "name" : "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618", - "refsource" : "CONFIRM", - "url" : "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618" - }, - { - "name" : "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml" - }, - { - "name" : "26723", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26723" - }, - { - "name" : "ADV-2007-4103", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/4103" - }, - { - "name" : "39521", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39521" - }, - { - "name" : "1019046", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1019046" - }, - { - "name" : "27947", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27947" - }, - { - "name" : "3425", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3425" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3425", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3425" + }, + { + "name": "27947", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27947" + }, + { + "name": "ADV-2007-4103", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/4103" + }, + { + "name": "1019046", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1019046" + }, + { + "name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml" + }, + { + "name": "39521", + "refsource": "OSVDB", + "url": "http://osvdb.org/39521" + }, + { + "name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded" + }, + { + "name": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618", + "refsource": "CONFIRM", + "url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618" + }, + { + "name": "26723", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26723" + }, + { + "name": "http://www.nsfocus.com/english/homepage/research/0702.htm", + "refsource": "MISC", + "url": "http://www.nsfocus.com/english/homepage/research/0702.htm" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5941.json b/2007/5xxx/CVE-2007-5941.json index 8f9b312d934..43ccfa59617 100644 --- a/2007/5xxx/CVE-2007-5941.json +++ b/2007/5xxx/CVE-2007-5941.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5941", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5941", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4613", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4613" - }, - { - "name" : "26388", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26388" - }, - { - "name" : "adobe-shockwave-swctl-bo(38359)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38359" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4613", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4613" + }, + { + "name": "26388", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26388" + }, + { + "name": "adobe-shockwave-swctl-bo(38359)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38359" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3317.json b/2015/3xxx/CVE-2015-3317.json index 7bdc7a18fc7..a93821ad2b4 100644 --- a/2015/3xxx/CVE-2015-3317.json +++ b/2015/3xxx/CVE-2015-3317.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3317", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3317", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx", - "refsource" : "CONFIRM", - "url" : "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx" - }, - { - "name" : "75033", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75033" - }, - { - "name" : "1032512", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032512" - }, - { - "name" : "1032513", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032513" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "CA Common Services, as used in CA Client Automation r12.5 SP01, r12.8, and r12.9; CA Network and Systems Management r11.0, r11.1, and r11.2; CA NSM Job Management Option r11.0, r11.1, and r11.2; CA Universal Job Management Agent; CA Virtual Assurance for Infrastructure Managers (aka SystemEDGE) 12.6, 12.7, 12.8, and 12.9; and CA Workload Automation AE r11, r11.3, r11.3.5, and r11.3.6 on UNIX, does not properly perform bounds checking, which allows local users to gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1032513", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032513" + }, + { + "name": "75033", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75033" + }, + { + "name": "1032512", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032512" + }, + { + "name": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx", + "refsource": "CONFIRM", + "url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20150604-01-security-notice-for-ca-common-services.aspx" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3375.json b/2015/3xxx/CVE-2015-3375.json index 421063df73b..7756c466c37 100644 --- a/2015/3xxx/CVE-2015-3375.json +++ b/2015/3xxx/CVE-2015-3375.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3375", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6.x-4.1 and 7.x-4.x before 7.x-4.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete user role matching rules via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3375", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/01/29/6" - }, - { - "name" : "https://www.drupal.org/node/2411737", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2411737" - }, - { - "name" : "https://www.drupal.org/node/2411269", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2411269" - }, - { - "name" : "https://www.drupal.org/node/2411271", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2411271" - }, - { - "name" : "74276", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74276" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6.x-4.1 and 7.x-4.x before 7.x-4.1 for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete user role matching rules via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74276", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74276" + }, + { + "name": "https://www.drupal.org/node/2411271", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2411271" + }, + { + "name": "https://www.drupal.org/node/2411737", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2411737" + }, + { + "name": "https://www.drupal.org/node/2411269", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2411269" + }, + { + "name": "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/01/29/6" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3581.json b/2015/3xxx/CVE-2015-3581.json index e936a5ccc37..f6875cc445a 100644 --- a/2015/3xxx/CVE-2015-3581.json +++ b/2015/3xxx/CVE-2015-3581.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3581", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3581", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3844.json b/2015/3xxx/CVE-2015-3844.json index 48faccc07bf..4f3ed9b3b1b 100644 --- a/2015/3xxx/CVE-2015-3844.json +++ b/2015/3xxx/CVE-2015-3844.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3844", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The getProcessRecordLocked method in services/core/java/com/android/server/am/ActivityManagerService.java in ActivityManager in Android before 5.1.1 LMY48I allows attackers to trigger incorrect process loading via a crafted application, as demonstrated by interfering with use of the Settings application, aka internal bug 21669445." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-3844", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[android-security-updates] 20150812 Nexus Security Bulletin (August 2015)", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ" - }, - { - "name" : "https://android.googlesource.com/platform/frameworks/base/+/e3cde784e3d99966f313fe00dcecf191f6a44a31", - "refsource" : "CONFIRM", - "url" : "https://android.googlesource.com/platform/frameworks/base/+/e3cde784e3d99966f313fe00dcecf191f6a44a31" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The getProcessRecordLocked method in services/core/java/com/android/server/am/ActivityManagerService.java in ActivityManager in Android before 5.1.1 LMY48I allows attackers to trigger incorrect process loading via a crafted application, as demonstrated by interfering with use of the Settings application, aka internal bug 21669445." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[android-security-updates] 20150812 Nexus Security Bulletin (August 2015)", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ" + }, + { + "name": "https://android.googlesource.com/platform/frameworks/base/+/e3cde784e3d99966f313fe00dcecf191f6a44a31", + "refsource": "CONFIRM", + "url": "https://android.googlesource.com/platform/frameworks/base/+/e3cde784e3d99966f313fe00dcecf191f6a44a31" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4319.json b/2015/4xxx/CVE-2015-4319.json index 7abf6629576..2c395735efc 100644 --- a/2015/4xxx/CVE-2015-4319.json +++ b/2015/4xxx/CVE-2015-4319.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4319", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 improperly performs authorization, which allows remote authenticated users to reset arbitrary active-user passwords via unspecified vectors, aka Bug ID CSCuv12338." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4319", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150814 Cisco TelePresence Video Communication Server Expressway Access Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40442" - }, - { - "name" : "76366", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76366" - }, - { - "name" : "1033323", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033323" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 improperly performs authorization, which allows remote authenticated users to reset arbitrary active-user passwords via unspecified vectors, aka Bug ID CSCuv12338." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "76366", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76366" + }, + { + "name": "1033323", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033323" + }, + { + "name": "20150814 Cisco TelePresence Video Communication Server Expressway Access Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40442" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4457.json b/2015/4xxx/CVE-2015-4457.json index ff32609bc13..a85ed7fefe6 100644 --- a/2015/4xxx/CVE-2015-4457.json +++ b/2015/4xxx/CVE-2015-4457.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4457", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4457", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7881.json b/2015/7xxx/CVE-2015-7881.json index 9a82fe95e98..69208ad4941 100644 --- a/2015/7xxx/CVE-2015-7881.json +++ b/2015/7xxx/CVE-2015-7881.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7881", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with certain permissions to bypass intended access restrictions and \"add unexpected content to a Colorbox\" via unspecified vectors, possibly related to a link in a comment." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7881", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2582071", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2582071" - }, - { - "name" : "https://www.drupal.org/node/2578165", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2578165" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with certain permissions to bypass intended access restrictions and \"add unexpected content to a Colorbox\" via unspecified vectors, possibly related to a link in a comment." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2582071", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2582071" + }, + { + "name": "https://www.drupal.org/node/2578165", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2578165" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8453.json b/2015/8xxx/CVE-2015-8453.json index b31dd628cb7..4833ee4f68d 100644 --- a/2015/8xxx/CVE-2015-8453.json +++ b/2015/8xxx/CVE-2015-8453.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8453", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to bypass the ASLR protection mechanism via JIT data, a different vulnerability than CVE-2015-8409 and CVE-2015-8440." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://zerodayinitiative.com/advisories/ZDI-15-614", - "refsource" : "MISC", - "url" : "http://zerodayinitiative.com/advisories/ZDI-15-614" - }, - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, - { - "name" : "GLSA-201601-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-03" - }, - { - "name" : "SUSE-SU-2015:2236", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" - }, - { - "name" : "SUSE-SU-2015:2247", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" - }, - { - "name" : "openSUSE-SU-2015:2239", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" - }, - { - "name" : "78713", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78713" - }, - { - "name" : "1034318", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to bypass the ASLR protection mechanism via JIT data, a different vulnerability than CVE-2015-8409 and CVE-2015-8440." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2239", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" + }, + { + "name": "78713", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78713" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" + }, + { + "name": "http://zerodayinitiative.com/advisories/ZDI-15-614", + "refsource": "MISC", + "url": "http://zerodayinitiative.com/advisories/ZDI-15-614" + }, + { + "name": "SUSE-SU-2015:2236", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" + }, + { + "name": "SUSE-SU-2015:2247", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" + }, + { + "name": "1034318", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034318" + }, + { + "name": "GLSA-201601-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-03" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8705.json b/2015/8xxx/CVE-2015-8705.json index f45fe0611f3..5458a0be1de 100644 --- a/2015/8xxx/CVE-2015-8705.json +++ b/2015/8xxx/CVE-2015-8705.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8705", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8705", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://kb.isc.org/article/AA-01336", - "refsource" : "CONFIRM", - "url" : "https://kb.isc.org/article/AA-01336" - }, - { - "name" : "https://kb.isc.org/article/AA-01380", - "refsource" : "CONFIRM", - "url" : "https://kb.isc.org/article/AA-01380" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html" - }, - { - "name" : "FEDORA-2016-1ab53bf440", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176564.html" - }, - { - "name" : "FEDORA-2016-f3517b9c4c", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175977.html" - }, - { - "name" : "GLSA-201610-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-07" - }, - { - "name" : "81314", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81314" - }, - { - "name" : "1034740", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034740" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit, or daemon crash) or possibly have unspecified other impact via (1) OPT data or (2) an ECS option." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.isc.org/article/AA-01336", + "refsource": "CONFIRM", + "url": "https://kb.isc.org/article/AA-01336" + }, + { + "name": "FEDORA-2016-f3517b9c4c", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175977.html" + }, + { + "name": "1034740", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034740" + }, + { + "name": "81314", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81314" + }, + { + "name": "GLSA-201610-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-07" + }, + { + "name": "https://kb.isc.org/article/AA-01380", + "refsource": "CONFIRM", + "url": "https://kb.isc.org/article/AA-01380" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2016-3090566.html" + }, + { + "name": "FEDORA-2016-1ab53bf440", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176564.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8734.json b/2015/8xxx/CVE-2015-8734.json index 890b449d4ae..7fbcd866be6 100644 --- a/2015/8xxx/CVE-2015-8734.json +++ b/2015/8xxx/CVE-2015-8734.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8734", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8734", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-52.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-52.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11726", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11726" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9b2c889abe0219fc162659e106c5b95deb6268f3", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9b2c889abe0219fc162659e106c5b95deb6268f3" - }, - { - "name" : "GLSA-201604-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-05" - }, - { - "name" : "1034551", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034551" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-52.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-52.html" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11726", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11726" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9b2c889abe0219fc162659e106c5b95deb6268f3", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=9b2c889abe0219fc162659e106c5b95deb6268f3" + }, + { + "name": "GLSA-201604-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-05" + }, + { + "name": "1034551", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034551" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9191.json b/2015/9xxx/CVE-2015-9191.json index d52f1e48e36..8ea53361a89 100644 --- a/2015/9xxx/CVE-2015-9191.json +++ b/2015/9xxx/CVE-2015-9191.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9191", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 617, SD 650/52, SD 808, SD 810, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 617, SD 650/52, SD 808, SD 810, and SDX20, in a QTEE syscall handler, an untrusted pointer dereference can occur." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Untrusted Pointer Dereference in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9191", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 617, SD 650/52, SD 808, SD 810, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 617, SD 650/52, SD 808, SD 810, and SDX20, in a QTEE syscall handler, an untrusted pointer dereference can occur." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Untrusted Pointer Dereference in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0072.json b/2016/0xxx/CVE-2016-0072.json index 8cd5dbf4e66..fd05c6403a0 100644 --- a/2016/0xxx/CVE-2016-0072.json +++ b/2016/0xxx/CVE-2016-0072.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0072", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0060, CVE-2016-0061, CVE-2016-0063, and CVE-2016-0067." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0072", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-157", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-157" - }, - { - "name" : "MS16-009", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009" - }, - { - "name" : "1034971", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034971" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0060, CVE-2016-0061, CVE-2016-0063, and CVE-2016-0067." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-157", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-157" + }, + { + "name": "1034971", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034971" + }, + { + "name": "MS16-009", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-009" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1446.json b/2016/1xxx/CVE-2016-1446.json index c866b42223e..75f3472fb3f 100644 --- a/2016/1xxx/CVE-2016-1446.json +++ b/2016/1xxx/CVE-2016-1446.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1446", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1446", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160714 Cisco WebEx Meetings Server Administrator Interface SQL Injection Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms" - }, - { - "name" : "91786", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91786" - }, - { - "name" : "1036312", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036312" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in Cisco WebEx Meetings Server 2.6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuy83200." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91786", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91786" + }, + { + "name": "1036312", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036312" + }, + { + "name": "20160714 Cisco WebEx Meetings Server Administrator Interface SQL Injection Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160714-wms" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1636.json b/2016/1xxx/CVE-2016-1636.json index fa323b27a4c..4f00d49d5dd 100644 --- a/2016/1xxx/CVE-2016-1636.json +++ b/2016/1xxx/CVE-2016-1636.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1636", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity (aka SRI) protection mechanism by triggering two loads of the same resource." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1636", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=584155", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=584155" - }, - { - "name" : "https://codereview.chromium.org/1713093002", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1713093002" - }, - { - "name" : "DSA-3507", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3507" - }, - { - "name" : "GLSA-201603-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-09" - }, - { - "name" : "SUSE-SU-2016:0665", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html" - }, - { - "name" : "openSUSE-SU-2016:0664", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html" - }, - { - "name" : "openSUSE-SU-2016:0684", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html" - }, - { - "name" : "openSUSE-SU-2016:0729", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html" - }, - { - "name" : "USN-2920-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2920-1" - }, - { - "name" : "84008", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84008" - }, - { - "name" : "1035185", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035185" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The PendingScript::notifyFinished function in WebKit/Source/core/dom/PendingScript.cpp in Google Chrome before 49.0.2623.75 relies on memory-cache information about integrity-check occurrences instead of integrity-check successes, which allows remote attackers to bypass the Subresource Integrity (aka SRI) protection mechanism by triggering two loads of the same resource." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0664", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html" + }, + { + "name": "openSUSE-SU-2016:0684", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html" + }, + { + "name": "84008", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84008" + }, + { + "name": "DSA-3507", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3507" + }, + { + "name": "1035185", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035185" + }, + { + "name": "https://codereview.chromium.org/1713093002", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1713093002" + }, + { + "name": "openSUSE-SU-2016:0729", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html" + }, + { + "name": "SUSE-SU-2016:0665", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html" + }, + { + "name": "GLSA-201603-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-09" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=584155", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=584155" + }, + { + "name": "USN-2920-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2920-1" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1680.json b/2016/1xxx/CVE-2016-1680.json index 11af6dc5703..ff08a55bf3e 100644 --- a/2016/1xxx/CVE-2016-1680.json +++ b/2016/1xxx/CVE-2016-1680.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1680", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1680", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html" - }, - { - "name" : "https://codereview.chromium.org/1751883004", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1751883004" - }, - { - "name" : "https://crbug.com/589848", - "refsource" : "CONFIRM", - "url" : "https://crbug.com/589848" - }, - { - "name" : "DSA-3590", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3590" - }, - { - "name" : "GLSA-201607-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-07" - }, - { - "name" : "RHSA-2016:1190", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1190" - }, - { - "name" : "openSUSE-SU-2016:1430", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html" - }, - { - "name" : "openSUSE-SU-2016:1433", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html" - }, - { - "name" : "openSUSE-SU-2016:1496", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html" - }, - { - "name" : "USN-2992-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2992-1" - }, - { - "name" : "90876", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90876" - }, - { - "name" : "1035981", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035981" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in ports/SkFontHost_FreeType.cpp in Skia, as used in Google Chrome before 51.0.2704.63, allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "90876", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90876" + }, + { + "name": "openSUSE-SU-2016:1496", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00005.html" + }, + { + "name": "1035981", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035981" + }, + { + "name": "DSA-3590", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3590" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html" + }, + { + "name": "USN-2992-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2992-1" + }, + { + "name": "openSUSE-SU-2016:1430", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00062.html" + }, + { + "name": "https://crbug.com/589848", + "refsource": "CONFIRM", + "url": "https://crbug.com/589848" + }, + { + "name": "RHSA-2016:1190", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1190" + }, + { + "name": "https://codereview.chromium.org/1751883004", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1751883004" + }, + { + "name": "GLSA-201607-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-07" + }, + { + "name": "openSUSE-SU-2016:1433", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00063.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1890.json b/2016/1xxx/CVE-2016-1890.json index fd78d857d87..59ee0c3f4d5 100644 --- a/2016/1xxx/CVE-2016-1890.json +++ b/2016/1xxx/CVE-2016-1890.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1890", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1890", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5079.json b/2016/5xxx/CVE-2016-5079.json index 77e7b9e4279..ec8c8580faf 100644 --- a/2016/5xxx/CVE-2016-5079.json +++ b/2016/5xxx/CVE-2016-5079.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5079", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5079", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5291.json b/2016/5xxx/CVE-2016-5291.json index 152a0cf8816..df0620e8cc8 100644 --- a/2016/5xxx/CVE-2016-5291.json +++ b/2016/5xxx/CVE-2016-5291.json @@ -1,125 +1,125 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@mozilla.org", - "ID" : "CVE-2016-5291", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Thunderbird", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "45.5" - } - ] - } - }, - { - "product_name" : "Firefox ESR", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "45.5" - } - ] - } - }, - { - "product_name" : "Firefox", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "50" - } - ] - } - } - ] - }, - "vendor_name" : "Mozilla" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Same-origin policy violation using local HTML file and saved shortcut file" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-5291", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Thunderbird", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "45.5" + } + ] + } + }, + { + "product_name": "Firefox ESR", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "45.5" + } + ] + } + }, + { + "product_name": "Firefox", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "50" + } + ] + } + } + ] + }, + "vendor_name": "Mozilla" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1292159", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1292159" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-89/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-89/" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-90/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-90/" - }, - { - "name" : "https://www.mozilla.org/security/advisories/mfsa2016-93/", - "refsource" : "CONFIRM", - "url" : "https://www.mozilla.org/security/advisories/mfsa2016-93/" - }, - { - "name" : "DSA-3730", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2016/dsa-3730" - }, - { - "name" : "GLSA-201701-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-15" - }, - { - "name" : "RHSA-2016:2780", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2780.html" - }, - { - "name" : "94336", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94336" - }, - { - "name" : "1037298", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037298" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A same-origin policy bypass with local shortcut files to load arbitrary local content from disk. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Same-origin policy violation using local HTML file and saved shortcut file" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3730", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2016/dsa-3730" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1292159", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1292159" + }, + { + "name": "1037298", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037298" + }, + { + "name": "GLSA-201701-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-15" + }, + { + "name": "94336", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94336" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-93/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-93/" + }, + { + "name": "RHSA-2016:2780", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2780.html" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-89/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-89/" + }, + { + "name": "https://www.mozilla.org/security/advisories/mfsa2016-90/", + "refsource": "CONFIRM", + "url": "https://www.mozilla.org/security/advisories/mfsa2016-90/" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5330.json b/2016/5xxx/CVE-2016-5330.json index 5e2fedd671d..259bfb2f8b9 100644 --- a/2016/5xxx/CVE-2016-5330.json +++ b/2016/5xxx/CVE-2016-5330.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5330", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5330", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160805 DLL side loading vulnerability in VMware Host Guest Client Redirector", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/539131/100/0/threaded" - }, - { - "name" : "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html", - "refsource" : "MISC", - "url" : "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html" - }, - { - "name" : "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload", - "refsource" : "MISC", - "url" : "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload" - }, - { - "name" : "http://www.vmware.com/security/advisories/VMSA-2016-0010.html", - "refsource" : "CONFIRM", - "url" : "http://www.vmware.com/security/advisories/VMSA-2016-0010.html" - }, - { - "name" : "92323", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92323" - }, - { - "name" : "1036544", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036544" - }, - { - "name" : "1036545", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036545" - }, - { - "name" : "1036619", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036619" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036544", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036544" + }, + { + "name": "1036619", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036619" + }, + { + "name": "92323", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92323" + }, + { + "name": "http://www.vmware.com/security/advisories/VMSA-2016-0010.html", + "refsource": "CONFIRM", + "url": "http://www.vmware.com/security/advisories/VMSA-2016-0010.html" + }, + { + "name": "20160805 DLL side loading vulnerability in VMware Host Guest Client Redirector", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/539131/100/0/threaded" + }, + { + "name": "1036545", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036545" + }, + { + "name": "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html", + "refsource": "MISC", + "url": "https://securify.nl/advisory/SFY20151201/dll_side_loading_vulnerability_in_vmware_host_guest_client_redirector.html" + }, + { + "name": "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload", + "refsource": "MISC", + "url": "http://www.rapid7.com/db/modules/exploit/windows/misc/vmhgfs_webdav_dll_sideload" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5476.json b/2016/5xxx/CVE-2016-5476.json index c8fcee196ce..d29b9325ab6 100644 --- a/2016/5xxx/CVE-2016-5476.json +++ b/2016/5xxx/CVE-2016-5476.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5476", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5476", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91897", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91897" - }, - { - "name" : "1036397", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036397" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "1036397", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036397" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "91897", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91897" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5606.json b/2016/5xxx/CVE-2016-5606.json index 6aeb1138c6c..8521a30215b 100644 --- a/2016/5xxx/CVE-2016-5606.json +++ b/2016/5xxx/CVE-2016-5606.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5606", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5606", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93725", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93725" - }, - { - "name" : "1037048", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037048" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Kernel Zones." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037048", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037048" + }, + { + "name": "93725", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93725" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2403.json b/2018/2xxx/CVE-2018-2403.json index a16f1b2f202..ee1cbb8ff89 100644 --- a/2018/2xxx/CVE-2018-2403.json +++ b/2018/2xxx/CVE-2018-2403.json @@ -1,89 +1,89 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2403", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP Disclosure Management", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "10.1" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted. It is possible for an authorized user to get SAP Disclosure Management to point a specific chapter type to a chapter the user has not been given access to." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "LOW", - "attackVector" : "NETWORK", - "availabilityImpact" : "NONE", - "baseScore" : 5.4, - "baseSeverity" : "MEDIUM", - "confidentialityImpact" : "LOW", - "integrityImpact" : "LOW", - "privilegesRequired" : "LOW", - "scope" : "UNCHANGED", - "userInteraction" : "NONE", - "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Information Disclosure" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2403", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP Disclosure Management", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "10.1" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2595800", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2595800" - }, - { - "name" : "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/", - "refsource" : "CONFIRM", - "url" : "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/" - }, - { - "name" : "103727", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103727" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted. It is possible for an authorized user to get SAP Disclosure Management to point a specific chapter type to a chapter the user has not been given access to." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://launchpad.support.sap.com/#/notes/2595800", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2595800" + }, + { + "name": "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/", + "refsource": "CONFIRM", + "url": "https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/" + }, + { + "name": "103727", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103727" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2941.json b/2018/2xxx/CVE-2018-2941.json index be214f22523..a9fd77fe849 100644 --- a/2018/2xxx/CVE-2018-2941.json +++ b/2018/2xxx/CVE-2018-2941.json @@ -1,106 +1,106 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2941", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Java", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "Java SE: 7u181" - }, - { - "version_affected" : "=", - "version_value" : "8u172" - }, - { - "version_affected" : "=", - "version_value" : "10.0.1" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u181, 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2941", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Java", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Java SE: 7u181" + }, + { + "version_affected": "=", + "version_value": "8u172" + }, + { + "version_affected": "=", + "version_value": "10.0.1" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180726-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180726-0001/" - }, - { - "name" : "RHSA-2018:2253", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2253" - }, - { - "name" : "RHSA-2018:2254", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2254" - }, - { - "name" : "RHSA-2018:2255", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2255" - }, - { - "name" : "RHSA-2018:2256", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2018:2256" - }, - { - "name" : "104775", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104775" - }, - { - "name" : "1041302", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041302" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u181, 8u172 and 10.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2018:2254", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2254" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180726-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180726-0001/" + }, + { + "name": "RHSA-2018:2255", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2255" + }, + { + "name": "104775", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104775" + }, + { + "name": "RHSA-2018:2256", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2256" + }, + { + "name": "RHSA-2018:2253", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:2253" + }, + { + "name": "1041302", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041302" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0084.json b/2019/0xxx/CVE-2019-0084.json index 1b213b3c6af..ba9003dd82c 100644 --- a/2019/0xxx/CVE-2019-0084.json +++ b/2019/0xxx/CVE-2019-0084.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0084", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0084", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0239.json b/2019/0xxx/CVE-2019-0239.json index 9efd8f7c743..b300b735be6 100644 --- a/2019/0xxx/CVE-2019-0239.json +++ b/2019/0xxx/CVE-2019-0239.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0239", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0239", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0605.json b/2019/0xxx/CVE-2019-0605.json index 922f112964b..4b5bf3eb683 100644 --- a/2019/0xxx/CVE-2019-0605.json +++ b/2019/0xxx/CVE-2019-0605.json @@ -1,125 +1,125 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0605", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Microsoft Edge", - "version" : { - "version_data" : [ - { - "version_value" : "Windows 10 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 for x64-based Systems" - }, - { - "version_value" : "Windows Server 2016" - }, - { - "version_value" : "Windows 10 Version 1607 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1607 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1703 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1709 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1803 for ARM64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for 32-bit Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for x64-based Systems" - }, - { - "version_value" : "Windows 10 Version 1809 for ARM64-based Systems" - }, - { - "version_value" : "Windows Server 2019" - }, - { - "version_value" : "Windows 10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name" : "ChakraCore", - "version" : { - "version_data" : [ - { - "version_value" : "" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Remote Code Execution" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0605", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Microsoft Edge", + "version": { + "version_data": [ + { + "version_value": "Windows 10 for 32-bit Systems" + }, + { + "version_value": "Windows 10 for x64-based Systems" + }, + { + "version_value": "Windows Server 2016" + }, + { + "version_value": "Windows 10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1607 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1703 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1703 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1709 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1803 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "Windows 10 Version 1809 for x64-based Systems" + }, + { + "version_value": "Windows 10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "Windows Server 2019" + }, + { + "version_value": "Windows 10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "ChakraCore", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605" - }, - { - "name" : "106905", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106905" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0605" + }, + { + "name": "106905", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106905" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0763.json b/2019/0xxx/CVE-2019-0763.json index 039a246bd61..b9fa63c3e42 100644 --- a/2019/0xxx/CVE-2019-0763.json +++ b/2019/0xxx/CVE-2019-0763.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0763", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0763", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0970.json b/2019/0xxx/CVE-2019-0970.json index 2645cba18c8..c025f86a649 100644 --- a/2019/0xxx/CVE-2019-0970.json +++ b/2019/0xxx/CVE-2019-0970.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0970", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0970", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1205.json b/2019/1xxx/CVE-2019-1205.json index dfb6cb3e29f..00549af385a 100644 --- a/2019/1xxx/CVE-2019-1205.json +++ b/2019/1xxx/CVE-2019-1205.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1205", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1205", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1240.json b/2019/1xxx/CVE-2019-1240.json index 536913ac33b..d55fdeaa11c 100644 --- a/2019/1xxx/CVE-2019-1240.json +++ b/2019/1xxx/CVE-2019-1240.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1240", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1240", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1366.json b/2019/1xxx/CVE-2019-1366.json index 75267e631a2..518f326587f 100644 --- a/2019/1xxx/CVE-2019-1366.json +++ b/2019/1xxx/CVE-2019-1366.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1366", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1366", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1544.json b/2019/1xxx/CVE-2019-1544.json index ece997aea76..45c4394ed54 100644 --- a/2019/1xxx/CVE-2019-1544.json +++ b/2019/1xxx/CVE-2019-1544.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1544", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1544", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4131.json b/2019/4xxx/CVE-2019-4131.json index 16b9adf998c..12c1f5a24e1 100644 --- a/2019/4xxx/CVE-2019-4131.json +++ b/2019/4xxx/CVE-2019-4131.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4131", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4131", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4148.json b/2019/4xxx/CVE-2019-4148.json index 395c27e4324..d88f7df2ec9 100644 --- a/2019/4xxx/CVE-2019-4148.json +++ b/2019/4xxx/CVE-2019-4148.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4148", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4148", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4286.json b/2019/4xxx/CVE-2019-4286.json index ffd5feb703e..e1077de7e52 100644 --- a/2019/4xxx/CVE-2019-4286.json +++ b/2019/4xxx/CVE-2019-4286.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4286", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4286", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4355.json b/2019/4xxx/CVE-2019-4355.json index fbfce3b9955..3daac491a66 100644 --- a/2019/4xxx/CVE-2019-4355.json +++ b/2019/4xxx/CVE-2019-4355.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4355", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4355", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5043.json b/2019/5xxx/CVE-2019-5043.json index 16a1e5184d4..49c2a507512 100644 --- a/2019/5xxx/CVE-2019-5043.json +++ b/2019/5xxx/CVE-2019-5043.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5043", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5043", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5391.json b/2019/5xxx/CVE-2019-5391.json index 8fa91919f53..3bb371f8f94 100644 --- a/2019/5xxx/CVE-2019-5391.json +++ b/2019/5xxx/CVE-2019-5391.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5391", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5391", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5421.json b/2019/5xxx/CVE-2019-5421.json index eddb695e229..0d92563af00 100644 --- a/2019/5xxx/CVE-2019-5421.json +++ b/2019/5xxx/CVE-2019-5421.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5421", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5421", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5622.json b/2019/5xxx/CVE-2019-5622.json index 6bc52e43e74..11cd136000b 100644 --- a/2019/5xxx/CVE-2019-5622.json +++ b/2019/5xxx/CVE-2019-5622.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5622", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5622", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9001.json b/2019/9xxx/CVE-2019-9001.json index 4759b6ef502..7e80b1b96fe 100644 --- a/2019/9xxx/CVE-2019-9001.json +++ b/2019/9xxx/CVE-2019-9001.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9001", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9001", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9192.json b/2019/9xxx/CVE-2019-9192.json index 3520b798cc1..9eb71becc25 100644 --- a/2019/9xxx/CVE-2019-9192.json +++ b/2019/9xxx/CVE-2019-9192.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9192", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9192", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", - "refsource" : "MISC", - "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=24269" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\\\\1\\\\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269", + "refsource": "MISC", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=24269" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9725.json b/2019/9xxx/CVE-2019-9725.json index f23705a5356..c7397dfbf83 100644 --- a/2019/9xxx/CVE-2019-9725.json +++ b/2019/9xxx/CVE-2019-9725.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9725", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f devices has Persistent XSS via the Port Alias field under Serial Setting." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9725", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://medium.com/@bertinjoseb/korenix-jetport-web-manager-persistent-xss-6cf7e2a38634", - "refsource" : "MISC", - "url" : "https://medium.com/@bertinjoseb/korenix-jetport-web-manager-persistent-xss-6cf7e2a38634" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f devices has Persistent XSS via the Port Alias field under Serial Setting." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://medium.com/@bertinjoseb/korenix-jetport-web-manager-persistent-xss-6cf7e2a38634", + "refsource": "MISC", + "url": "https://medium.com/@bertinjoseb/korenix-jetport-web-manager-persistent-xss-6cf7e2a38634" + } + ] + } +} \ No newline at end of file