From eaac658efd38111906618e443c518de2d6103912 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Mar 2019 23:05:17 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0381.json | 150 ++++++------- 2007/0xxx/CVE-2007-0453.json | 260 ++++++++++----------- 2007/0xxx/CVE-2007-0472.json | 250 ++++++++++----------- 2007/0xxx/CVE-2007-0519.json | 150 ++++++------- 2007/0xxx/CVE-2007-0815.json | 160 ++++++------- 2007/0xxx/CVE-2007-0971.json | 180 +++++++-------- 2007/1xxx/CVE-2007-1059.json | 170 +++++++------- 2007/1xxx/CVE-2007-1255.json | 160 ++++++------- 2007/1xxx/CVE-2007-1442.json | 150 ++++++------- 2007/1xxx/CVE-2007-1498.json | 200 ++++++++--------- 2007/1xxx/CVE-2007-1543.json | 290 ++++++++++++------------ 2007/4xxx/CVE-2007-4054.json | 160 ++++++------- 2007/4xxx/CVE-2007-4317.json | 180 +++++++-------- 2007/5xxx/CVE-2007-5138.json | 140 ++++++------ 2007/5xxx/CVE-2007-5267.json | 350 ++++++++++++++--------------- 2007/5xxx/CVE-2007-5603.json | 230 +++++++++---------- 2007/5xxx/CVE-2007-5690.json | 190 ++++++++-------- 2015/3xxx/CVE-2015-3433.json | 34 +-- 2015/3xxx/CVE-2015-3574.json | 34 +-- 2015/3xxx/CVE-2015-3646.json | 150 ++++++------- 2015/6xxx/CVE-2015-6026.json | 34 +-- 2015/6xxx/CVE-2015-6075.json | 150 ++++++------- 2015/6xxx/CVE-2015-6763.json | 330 +++++++++++++-------------- 2015/6xxx/CVE-2015-6875.json | 34 +-- 2015/7xxx/CVE-2015-7077.json | 150 ++++++------- 2015/7xxx/CVE-2015-7849.json | 170 +++++++------- 2015/8xxx/CVE-2015-8063.json | 180 +++++++-------- 2015/8xxx/CVE-2015-8459.json | 230 +++++++++---------- 2016/0xxx/CVE-2016-0322.json | 130 +++++------ 2016/0xxx/CVE-2016-0458.json | 130 +++++------ 2016/0xxx/CVE-2016-0556.json | 130 +++++------ 2016/0xxx/CVE-2016-0580.json | 130 +++++------ 2016/1000xxx/CVE-2016-1000003.json | 130 +++++------ 2016/1xxx/CVE-2016-1027.json | 170 +++++++------- 2016/1xxx/CVE-2016-1558.json | 140 ++++++------ 2016/1xxx/CVE-2016-1824.json | 210 ++++++++--------- 2016/1xxx/CVE-2016-1852.json | 140 ++++++------ 2016/1xxx/CVE-2016-1992.json | 130 +++++------ 2016/4xxx/CVE-2016-4877.json | 140 ++++++------ 2016/5xxx/CVE-2016-5055.json | 120 +++++----- 2016/5xxx/CVE-2016-5596.json | 140 ++++++------ 2016/5xxx/CVE-2016-5838.json | 170 +++++++------- 2019/0xxx/CVE-2019-0201.json | 34 +-- 2019/0xxx/CVE-2019-0637.json | 216 +++++++++--------- 2019/0xxx/CVE-2019-0855.json | 34 +-- 2019/0xxx/CVE-2019-0979.json | 34 +-- 2019/1xxx/CVE-2019-1125.json | 34 +-- 2019/1xxx/CVE-2019-1557.json | 34 +-- 2019/1xxx/CVE-2019-1750.json | 34 +-- 2019/1xxx/CVE-2019-1857.json | 34 +-- 2019/3xxx/CVE-2019-3375.json | 34 +-- 2019/3xxx/CVE-2019-3468.json | 34 +-- 2019/3xxx/CVE-2019-3739.json | 34 +-- 2019/4xxx/CVE-2019-4043.json | 34 +-- 2019/4xxx/CVE-2019-4337.json | 34 +-- 2019/4xxx/CVE-2019-4485.json | 34 +-- 2019/4xxx/CVE-2019-4769.json | 34 +-- 2019/8xxx/CVE-2019-8540.json | 34 +-- 2019/8xxx/CVE-2019-8630.json | 34 +-- 2019/8xxx/CVE-2019-8735.json | 34 +-- 2019/8xxx/CVE-2019-8883.json | 34 +-- 2019/9xxx/CVE-2019-9213.json | 200 ++++++++--------- 2019/9xxx/CVE-2019-9370.json | 34 +-- 2019/9xxx/CVE-2019-9817.json | 34 +-- 64 files changed, 3986 insertions(+), 3986 deletions(-) diff --git a/2007/0xxx/CVE-2007-0381.json b/2007/0xxx/CVE-2007-0381.json index 5a9dadb8d86..9bef24c352c 100644 --- a/2007/0xxx/CVE-2007-0381.json +++ b/2007/0xxx/CVE-2007-0381.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0381", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: CVE analysis suggests that the vendor fixed these issues." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0381", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070118 The vulnerabilities festival !", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html" - }, - { - "name" : "http://www.atutor.ca/atutor/mantis/changelog_page.php", - "refsource" : "MISC", - "url" : "http://www.atutor.ca/atutor/mantis/changelog_page.php" - }, - { - "name" : "http://www.hackers.ir/advisories/festival.txt", - "refsource" : "MISC", - "url" : "http://www.hackers.ir/advisories/festival.txt" - }, - { - "name" : "34660", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34660" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in ATutor 1.5.3.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: CVE analysis suggests that the vendor fixed these issues." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "34660", + "refsource": "OSVDB", + "url": "http://osvdb.org/34660" + }, + { + "name": "http://www.atutor.ca/atutor/mantis/changelog_page.php", + "refsource": "MISC", + "url": "http://www.atutor.ca/atutor/mantis/changelog_page.php" + }, + { + "name": "20070118 The vulnerabilities festival !", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html" + }, + { + "name": "http://www.hackers.ir/advisories/festival.txt", + "refsource": "MISC", + "url": "http://www.hackers.ir/advisories/festival.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0453.json b/2007/0xxx/CVE-2007-0453.json index 28d78256d7b..98f379dacc5 100644 --- a/2007/0xxx/CVE-2007-0453.json +++ b/2007/0xxx/CVE-2007-0453.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0453", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0453", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070205 [SAMBA-SECURITY] CVE-2007-0453: Buffer overrun in nss_winbind.so.1 on Solaris", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459168/100/0/threaded" - }, - { - "name" : "20070207 rPSA-2007-0026-1 samba samba-swat", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459365/100/0/threaded" - }, - { - "name" : "http://us1.samba.org/samba/security/CVE-2007-0453.html", - "refsource" : "CONFIRM", - "url" : "http://us1.samba.org/samba/security/CVE-2007-0453.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1005", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1005" - }, - { - "name" : "OpenPKG-SA-2007.012", - "refsource" : "OPENPKG", - "url" : "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html" - }, - { - "name" : "SSA:2007-038-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916" - }, - { - "name" : "2007-0007", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2007/0007" - }, - { - "name" : "22410", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22410" - }, - { - "name" : "ADV-2007-0483", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0483" - }, - { - "name" : "33098", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33098" - }, - { - "name" : "1017589", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017589" - }, - { - "name" : "24043", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24043" - }, - { - "name" : "24101", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24101" - }, - { - "name" : "24151", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24151" - }, - { - "name" : "samba-winbind-bo(32231)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32231" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in the nss_winbind.so.1 library in Samba 3.0.21 through 3.0.23d, as used in the winbindd daemon on Solaris, allows attackers to execute arbitrary code via the (1) gethostbyname and (2) getipnodebyname functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24101", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24101" + }, + { + "name": "33098", + "refsource": "OSVDB", + "url": "http://osvdb.org/33098" + }, + { + "name": "20070207 rPSA-2007-0026-1 samba samba-swat", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459365/100/0/threaded" + }, + { + "name": "OpenPKG-SA-2007.012", + "refsource": "OPENPKG", + "url": "http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html" + }, + { + "name": "samba-winbind-bo(32231)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32231" + }, + { + "name": "24151", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24151" + }, + { + "name": "ADV-2007-0483", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0483" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1005", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1005" + }, + { + "name": "1017589", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017589" + }, + { + "name": "20070205 [SAMBA-SECURITY] CVE-2007-0453: Buffer overrun in nss_winbind.so.1 on Solaris", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459168/100/0/threaded" + }, + { + "name": "22410", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22410" + }, + { + "name": "http://us1.samba.org/samba/security/CVE-2007-0453.html", + "refsource": "CONFIRM", + "url": "http://us1.samba.org/samba/security/CVE-2007-0453.html" + }, + { + "name": "2007-0007", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2007/0007" + }, + { + "name": "SSA:2007-038-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.476916" + }, + { + "name": "24043", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24043" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0472.json b/2007/0xxx/CVE-2007-0472.json index d0dbe8c3e7a..4593195c81a 100644 --- a/2007/0xxx/CVE-2007-0472.json +++ b/2007/0xxx/CVE-2007-0472.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0472", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple race conditions in Smb4K before 0.8.0 allow local users to (1) modify arbitrary files via unspecified manipulations of Smb4K's lock file, which is not properly handled by the remove_lock_file function in core/smb4kfileio.cpp, and (2) add lines to the sudoers file via a symlink attack on temporary files, which isn't properly handled by the writeFile function in core/smb4kfileio.cpp." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@ubuntu.com", + "ID": "CVE-2007-0472", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[smb4k-announce] 20061221 Smb4K 0.8.0 and security fixes released", - "refsource" : "MLIST", - "url" : "https://lists.berlios.de/pipermail/smb4k-announce/2006-December/000037.html" - }, - { - "name" : "http://developer.berlios.de/bugs/?func=detailbug&bug_id=9630&group_id=769", - "refsource" : "CONFIRM", - "url" : "http://developer.berlios.de/bugs/?func=detailbug&bug_id=9630&group_id=769" - }, - { - "name" : "http://developer.berlios.de/project/shownotes.php?release_id=11706", - "refsource" : "CONFIRM", - "url" : "http://developer.berlios.de/project/shownotes.php?release_id=11706" - }, - { - "name" : "http://developer.berlios.de/project/shownotes.php?release_id=11902", - "refsource" : "CONFIRM", - "url" : "http://developer.berlios.de/project/shownotes.php?release_id=11902" - }, - { - "name" : "http://developer.berlios.de/project/shownotes.php?release_id=9777", - "refsource" : "CONFIRM", - "url" : "http://developer.berlios.de/project/shownotes.php?release_id=9777" - }, - { - "name" : "GLSA-200703-09", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200703-09.xml" - }, - { - "name" : "MDKSA-2007:042", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:042" - }, - { - "name" : "SUSE-SR:2007:002", - "refsource" : "SUSE", - "url" : "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0015.html" - }, - { - "name" : "22299", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22299" - }, - { - "name" : "ADV-2007-0393", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0393" - }, - { - "name" : "23937", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23937" - }, - { - "name" : "23984", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23984" - }, - { - "name" : "24111", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24111" - }, - { - "name" : "24469", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24469" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple race conditions in Smb4K before 0.8.0 allow local users to (1) modify arbitrary files via unspecified manipulations of Smb4K's lock file, which is not properly handled by the remove_lock_file function in core/smb4kfileio.cpp, and (2) add lines to the sudoers file via a symlink attack on temporary files, which isn't properly handled by the writeFile function in core/smb4kfileio.cpp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23984", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23984" + }, + { + "name": "[smb4k-announce] 20061221 Smb4K 0.8.0 and security fixes released", + "refsource": "MLIST", + "url": "https://lists.berlios.de/pipermail/smb4k-announce/2006-December/000037.html" + }, + { + "name": "SUSE-SR:2007:002", + "refsource": "SUSE", + "url": "http://lists.suse.com/archive/suse-security-announce/2007-Jan/0015.html" + }, + { + "name": "http://developer.berlios.de/project/shownotes.php?release_id=9777", + "refsource": "CONFIRM", + "url": "http://developer.berlios.de/project/shownotes.php?release_id=9777" + }, + { + "name": "22299", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22299" + }, + { + "name": "24111", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24111" + }, + { + "name": "24469", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24469" + }, + { + "name": "ADV-2007-0393", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0393" + }, + { + "name": "GLSA-200703-09", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200703-09.xml" + }, + { + "name": "23937", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23937" + }, + { + "name": "http://developer.berlios.de/project/shownotes.php?release_id=11902", + "refsource": "CONFIRM", + "url": "http://developer.berlios.de/project/shownotes.php?release_id=11902" + }, + { + "name": "http://developer.berlios.de/project/shownotes.php?release_id=11706", + "refsource": "CONFIRM", + "url": "http://developer.berlios.de/project/shownotes.php?release_id=11706" + }, + { + "name": "http://developer.berlios.de/bugs/?func=detailbug&bug_id=9630&group_id=769", + "refsource": "CONFIRM", + "url": "http://developer.berlios.de/bugs/?func=detailbug&bug_id=9630&group_id=769" + }, + { + "name": "MDKSA-2007:042", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:042" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0519.json b/2007/0xxx/CVE-2007-0519.json index 24911f217a8..c524d425f4d 100644 --- a/2007/0xxx/CVE-2007-0519.json +++ b/2007/0xxx/CVE-2007-0519.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0519", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in memcp.php in XMB U2U Instant Messenger allows remote authenticated users to inject arbitrary web script or HTML via the recipient field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0519", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070120 XMB \"U2U Instant Messenger\" Cross-Site Scripting", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457630/100/0/threaded" - }, - { - "name" : "http://aria-security.com/forum/showthread.php?p=129", - "refsource" : "MISC", - "url" : "http://aria-security.com/forum/showthread.php?p=129" - }, - { - "name" : "2182", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2182" - }, - { - "name" : "u2u-memcp-xss(31661)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31661" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in memcp.php in XMB U2U Instant Messenger allows remote authenticated users to inject arbitrary web script or HTML via the recipient field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070120 XMB \"U2U Instant Messenger\" Cross-Site Scripting", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457630/100/0/threaded" + }, + { + "name": "2182", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2182" + }, + { + "name": "u2u-memcp-xss(31661)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31661" + }, + { + "name": "http://aria-security.com/forum/showthread.php?p=129", + "refsource": "MISC", + "url": "http://aria-security.com/forum/showthread.php?p=129" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0815.json b/2007/0xxx/CVE-2007-0815.json index 589ec423978..1d3e797e1bf 100644 --- a/2007/0xxx/CVE-2007-0815.json +++ b/2007/0xxx/CVE-2007-0815.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0815", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in images_archive.asp in Uapplication Uphotogallery 1.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the s parameter. NOTE: the thumbnails.asp vector is already covered by CVE-2006-3023." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0815", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070204 Uphotogallery Multiple Cross-Site Scripting Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459187/100/0/threaded" - }, - { - "name" : "22404", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22404" - }, - { - "name" : "33243", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33243" - }, - { - "name" : "2227", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2227" - }, - { - "name" : "uphotogallery-imagesarchive-xss(32229)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32229" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in images_archive.asp in Uapplication Uphotogallery 1.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the s parameter. NOTE: the thumbnails.asp vector is already covered by CVE-2006-3023." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "uphotogallery-imagesarchive-xss(32229)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32229" + }, + { + "name": "33243", + "refsource": "OSVDB", + "url": "http://osvdb.org/33243" + }, + { + "name": "20070204 Uphotogallery Multiple Cross-Site Scripting Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459187/100/0/threaded" + }, + { + "name": "2227", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2227" + }, + { + "name": "22404", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22404" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0971.json b/2007/0xxx/CVE-2007-0971.json index b91d63337d5..2dc3f2eb144 100644 --- a/2007/0xxx/CVE-2007-0971.json +++ b/2007/0xxx/CVE-2007-0971.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0971", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Jupiter CMS 1.1.5 allow remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header and certain other HTTP headers, which set the ip variable that is used in SQL queries performed by index.php and certain other PHP scripts. NOTE: the attack vector might involve _SERVER." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0971", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070214 Jupiter CMS 1.1.5 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460076/100/0/threaded" - }, - { - "name" : "20070214 Re: Jupiter CMS 1.1.5 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460100/100/0/threaded" - }, - { - "name" : "http://mgsdl.free.fr/advisories/12070214.txt", - "refsource" : "MISC", - "url" : "http://mgsdl.free.fr/advisories/12070214.txt" - }, - { - "name" : "http://www.acid-root.new.fr/advisories/12070214.txt", - "refsource" : "MISC", - "url" : "http://www.acid-root.new.fr/advisories/12070214.txt" - }, - { - "name" : "3310", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3310" - }, - { - "name" : "22560", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22560" - }, - { - "name" : "33727", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33727" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Jupiter CMS 1.1.5 allow remote attackers to execute arbitrary SQL commands via the Client-IP HTTP header and certain other HTTP headers, which set the ip variable that is used in SQL queries performed by index.php and certain other PHP scripts. NOTE: the attack vector might involve _SERVER." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://mgsdl.free.fr/advisories/12070214.txt", + "refsource": "MISC", + "url": "http://mgsdl.free.fr/advisories/12070214.txt" + }, + { + "name": "33727", + "refsource": "OSVDB", + "url": "http://osvdb.org/33727" + }, + { + "name": "3310", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3310" + }, + { + "name": "22560", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22560" + }, + { + "name": "20070214 Jupiter CMS 1.1.5 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460076/100/0/threaded" + }, + { + "name": "20070214 Re: Jupiter CMS 1.1.5 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460100/100/0/threaded" + }, + { + "name": "http://www.acid-root.new.fr/advisories/12070214.txt", + "refsource": "MISC", + "url": "http://www.acid-root.new.fr/advisories/12070214.txt" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1059.json b/2007/1xxx/CVE-2007-1059.json index 0357dafbfb6..5417dbdb746 100644 --- a/2007/1xxx/CVE-2007-1059.json +++ b/2007/1xxx/CVE-2007-1059.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1059", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in function.php in Ultimate Fun Book 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the gbpfad parameter. NOTE: some sources mention \"Ultimate Fun Board,\" but this appears to be an error." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1059", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3336", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3336" - }, - { - "name" : "22633", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22633" - }, - { - "name" : "ADV-2007-0675", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0675" - }, - { - "name" : "33305", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33305" - }, - { - "name" : "24219", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24219" - }, - { - "name" : "ultimatefunbook-function-file-include(32584)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32584" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in function.php in Ultimate Fun Book 1.02 allows remote attackers to execute arbitrary PHP code via a URL in the gbpfad parameter. NOTE: some sources mention \"Ultimate Fun Board,\" but this appears to be an error." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "33305", + "refsource": "OSVDB", + "url": "http://osvdb.org/33305" + }, + { + "name": "ADV-2007-0675", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0675" + }, + { + "name": "24219", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24219" + }, + { + "name": "3336", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3336" + }, + { + "name": "ultimatefunbook-function-file-include(32584)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32584" + }, + { + "name": "22633", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22633" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1255.json b/2007/1xxx/CVE-2007-1255.json index eaa8f8b2681..9631802aa2a 100644 --- a/2007/1xxx/CVE-2007-1255.json +++ b/2007/1xxx/CVE-2007-1255.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1255", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allows remote authenticated administrators to execute arbitrary PHP code by uploading a crafted GIF smiley image with a .php extension via the uploadimage parameter to admin.php, which can be later accessed via a direct request for the file in smileys/. NOTE: this can be leveraged with a separate SQL injection issue for remote unauthenticated attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1255", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070221 Connectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/460947/100/0/threaded" - }, - { - "name" : "3352", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3352" - }, - { - "name" : "33538", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33538" - }, - { - "name" : "24255", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24255" - }, - { - "name" : "2364", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2364" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allows remote authenticated administrators to execute arbitrary PHP code by uploading a crafted GIF smiley image with a .php extension via the uploadimage parameter to admin.php, which can be later accessed via a direct request for the file in smileys/. NOTE: this can be leveraged with a separate SQL injection issue for remote unauthenticated attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24255", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24255" + }, + { + "name": "2364", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2364" + }, + { + "name": "33538", + "refsource": "OSVDB", + "url": "http://osvdb.org/33538" + }, + { + "name": "20070221 Connectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/460947/100/0/threaded" + }, + { + "name": "3352", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3352" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1442.json b/2007/1xxx/CVE-2007-1442.json index 24acb766314..ec3239e1205 100644 --- a/2007/1xxx/CVE-2007-1442.json +++ b/2007/1xxx/CVE-2007-1442.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1442", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists (DACLs), which allows local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1442", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://argeniss.com/research/10MinSecAudit.zip", - "refsource" : "MISC", - "url" : "http://argeniss.com/research/10MinSecAudit.zip" - }, - { - "name" : "22905", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22905" - }, - { - "name" : "33979", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33979" - }, - { - "name" : "24475", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24475" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists (DACLs), which allows local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24475", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24475" + }, + { + "name": "22905", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22905" + }, + { + "name": "33979", + "refsource": "OSVDB", + "url": "http://osvdb.org/33979" + }, + { + "name": "http://argeniss.com/research/10MinSecAudit.zip", + "refsource": "MISC", + "url": "http://argeniss.com/research/10MinSecAudit.zip" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1498.json b/2007/1xxx/CVE-2007-1498.json index 5fe679fb252..fedf880eb49 100644 --- a/2007/1xxx/CVE-2007-1498.json +++ b/2007/1xxx/CVE-2007-1498.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1498", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1498", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070314 [Advisory]McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052960.html" - }, - { - "name" : "https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html", - "refsource" : "CONFIRM", - "url" : "https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html" - }, - { - "name" : "https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html", - "refsource" : "CONFIRM", - "url" : "https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html" - }, - { - "name" : "VU#714593", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/714593" - }, - { - "name" : "22952", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22952" - }, - { - "name" : "ADV-2007-0931", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0931" - }, - { - "name" : "1017757", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017757" - }, - { - "name" : "24466", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24466" - }, - { - "name" : "2444", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2444" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in the SiteManager.SiteMgr.1 ActiveX control (SiteManager.dll) in the ePO management console in McAfee ePolicy Orchestrator (ePO) before 3.6.1 Patch 1 and ProtectionPilot (PRP) before 1.5.0 HotFix allow remote attackers to execute arbitrary code via a long argument to the (1) ExportSiteList and (2) VerifyPackageCatalog functions, and (3) unspecified vectors involving a swprintf function call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22952", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22952" + }, + { + "name": "2444", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2444" + }, + { + "name": "ADV-2007-0931", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0931" + }, + { + "name": "VU#714593", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/714593" + }, + { + "name": "20070314 [Advisory]McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052960.html" + }, + { + "name": "1017757", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017757" + }, + { + "name": "24466", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24466" + }, + { + "name": "https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html", + "refsource": "CONFIRM", + "url": "https://knowledge.mcafee.com/article/26/612496_f.SAL_Public.html" + }, + { + "name": "https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html", + "refsource": "CONFIRM", + "url": "https://knowledge.mcafee.com/article/25/612495_f.SAL_Public.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1543.json b/2007/1xxx/CVE-2007-1543.json index 67bb7e2321c..a64fcd3b6ae 100644 --- a/2007/1xxx/CVE-2007-1543.json +++ b/2007/1xxx/CVE-2007-1543.json @@ -1,147 +1,147 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1543", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1543", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070403 FLEA-2007-0007-1: nas", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/464606/30/7230/threaded" - }, - { - "name" : "http://aluigi.altervista.org/adv/nasbugs-adv.txt", - "refsource" : "MISC", - "url" : "http://aluigi.altervista.org/adv/nasbugs-adv.txt" - }, - { - "name" : "http://www.radscan.com/nas/HISTORY", - "refsource" : "CONFIRM", - "url" : "http://www.radscan.com/nas/HISTORY" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1155", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1155" - }, - { - "name" : "DSA-1273", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1273" - }, - { - "name" : "GLSA-200704-20", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200704-20.xml" - }, - { - "name" : "MDKSA-2007:065", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065" - }, - { - "name" : "USN-446-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-446-1" - }, - { - "name" : "23017", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23017" - }, - { - "name" : "ADV-2007-0997", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0997" - }, - { - "name" : "1017822", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017822" - }, - { - "name" : "24527", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24527" - }, - { - "name" : "24601", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24601" - }, - { - "name" : "24628", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24628" - }, - { - "name" : "24638", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24638" - }, - { - "name" : "24980", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24980" - }, - { - "name" : "24783", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24783" - }, - { - "name" : "nas-uslsocket-bo(33047)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33047" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2007:065", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:065" + }, + { + "name": "1017822", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017822" + }, + { + "name": "24980", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24980" + }, + { + "name": "24527", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24527" + }, + { + "name": "23017", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23017" + }, + { + "name": "nas-uslsocket-bo(33047)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33047" + }, + { + "name": "24601", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24601" + }, + { + "name": "USN-446-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-446-1" + }, + { + "name": "24628", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24628" + }, + { + "name": "GLSA-200704-20", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200704-20.xml" + }, + { + "name": "ADV-2007-0997", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0997" + }, + { + "name": "24783", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24783" + }, + { + "name": "20070403 FLEA-2007-0007-1: nas", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/464606/30/7230/threaded" + }, + { + "name": "24638", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24638" + }, + { + "name": "http://aluigi.altervista.org/adv/nasbugs-adv.txt", + "refsource": "MISC", + "url": "http://aluigi.altervista.org/adv/nasbugs-adv.txt" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1155", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1155" + }, + { + "name": "DSA-1273", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1273" + }, + { + "name": "http://www.radscan.com/nas/HISTORY", + "refsource": "CONFIRM", + "url": "http://www.radscan.com/nas/HISTORY" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4054.json b/2007/4xxx/CVE-2007-4054.json index 03458d92748..51c8f534916 100644 --- a/2007/4xxx/CVE-2007-4054.json +++ b/2007/4xxx/CVE-2007-4054.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4054", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in category.php in PHP123 Top Sites allows remote attackers to execute arbitrary SQL commands via the cat parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4054", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4241", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4241" - }, - { - "name" : "25128", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25128" - }, - { - "name" : "ADV-2007-2693", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2693" - }, - { - "name" : "37130", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37130" - }, - { - "name" : "topsites-category-sql-injection(35679)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35679" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in category.php in PHP123 Top Sites allows remote attackers to execute arbitrary SQL commands via the cat parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37130", + "refsource": "OSVDB", + "url": "http://osvdb.org/37130" + }, + { + "name": "25128", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25128" + }, + { + "name": "4241", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4241" + }, + { + "name": "ADV-2007-2693", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2693" + }, + { + "name": "topsites-category-sql-injection(35679)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35679" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4317.json b/2007/4xxx/CVE-2007-4317.json index bdce63cae46..78b90a926f5 100644 --- a/2007/4xxx/CVE-2007-4317.json +++ b/2007/4xxx/CVE-2007-4317.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4317", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General_1 with the (1) sysSystemName and (2) sysDomainName parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4317", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070810 Zyxel Zywall 2 multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476031/100/0/threaded" - }, - { - "name" : "http://www.louhi.fi/advisory/zyxel_070810.txt", - "refsource" : "MISC", - "url" : "http://www.louhi.fi/advisory/zyxel_070810.txt" - }, - { - "name" : "25262", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25262" - }, - { - "name" : "37670", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37670" - }, - { - "name" : "26381", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26381" - }, - { - "name" : "3002", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3002" - }, - { - "name" : "zywall-management-csrf(35913)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35913" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in the management interface in ZyNOS firmware 3.62(WK.6) on the Zyxel Zywall 2 device allow remote attackers to perform certain actions as administrators, as demonstrated by a request to Forms/General_1 with the (1) sysSystemName and (2) sysDomainName parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.louhi.fi/advisory/zyxel_070810.txt", + "refsource": "MISC", + "url": "http://www.louhi.fi/advisory/zyxel_070810.txt" + }, + { + "name": "20070810 Zyxel Zywall 2 multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476031/100/0/threaded" + }, + { + "name": "37670", + "refsource": "OSVDB", + "url": "http://osvdb.org/37670" + }, + { + "name": "3002", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3002" + }, + { + "name": "26381", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26381" + }, + { + "name": "zywall-management-csrf(35913)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35913" + }, + { + "name": "25262", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25262" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5138.json b/2007/5xxx/CVE-2007-5138.json index e7d7b63be15..64599a29be6 100644 --- a/2007/5xxx/CVE-2007-5138.json +++ b/2007/5xxx/CVE-2007-5138.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5138", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in forum/forum.php in lustig.cms BETA 2.5 allows remote attackers to execute arbitrary PHP code via a URL in the view parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5138", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4461", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4461" - }, - { - "name" : "25833", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25833" - }, - { - "name" : "lustig-forum-file-include(36830)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36830" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in forum/forum.php in lustig.cms BETA 2.5 allows remote attackers to execute arbitrary PHP code via a URL in the view parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25833", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25833" + }, + { + "name": "4461", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4461" + }, + { + "name": "lustig-forum-file-include(36830)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36830" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5267.json b/2007/5xxx/CVE-2007-5267.json index 1b28458eadf..a976b267ba4 100644 --- a/2007/5xxx/CVE-2007-5267.json +++ b/2007/5xxx/CVE-2007-5267.json @@ -1,177 +1,177 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5267", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image, due to an incorrect fix for CVE-2007-5266." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5267", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071112 FLEA-2007-0065-1 libpng", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483582/100/0/threaded" - }, - { - "name" : "20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/489135/100/0/threaded" - }, - { - "name" : "[png-mng-implement] 20071005 libpng 1.2.21 iCCP chunk handling bug", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/mailarchive/forum.php?thread_name=47067C84.7010205%40playstation.sony.com&forum_name=png-mng-implement" - }, - { - "name" : "[png-mng-implement] 20071015 libpng 1.2.21 iCCP chunk handling bug", - "refsource" : "MLIST", - "url" : "http://sourceforge.net/mailarchive/message.php?msg_name=3.0.6.32.20071005143158.012ada08%40mail.comcast.net" - }, - { - "name" : "http://www.coresecurity.com/?action=item&id=2148", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/?action=item&id=2148" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-1814", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-1814" - }, - { - "name" : "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html", - "refsource" : "CONFIRM", - "url" : "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307562", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307562" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm" - }, - { - "name" : "APPLE-SA-2008-03-18", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" - }, - { - "name" : "SSA:2007-325-01", - "refsource" : "SLACKWARE", - "url" : "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323" - }, - { - "name" : "259989", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1" - }, - { - "name" : "1020521", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1" - }, - { - "name" : "25957", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25957" - }, - { - "name" : "35302", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35302" - }, - { - "name" : "35386", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35386" - }, - { - "name" : "ADV-2007-3391", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3391" - }, - { - "name" : "ADV-2008-0924", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0924/references" - }, - { - "name" : "27130", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27130" - }, - { - "name" : "27284", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27284" - }, - { - "name" : "27746", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27746" - }, - { - "name" : "29420", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29420" - }, - { - "name" : "ADV-2009-1462", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1462" - }, - { - "name" : "ADV-2009-1560", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1560" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image, due to an incorrect fix for CVE-2007-5266." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-3391", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3391" + }, + { + "name": "https://issues.rpath.com/browse/RPL-1814", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-1814" + }, + { + "name": "35386", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35386" + }, + { + "name": "1020521", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1020521.1-1" + }, + { + "name": "[png-mng-implement] 20071015 libpng 1.2.21 iCCP chunk handling bug", + "refsource": "MLIST", + "url": "http://sourceforge.net/mailarchive/message.php?msg_name=3.0.6.32.20071005143158.012ada08%40mail.comcast.net" + }, + { + "name": "ADV-2009-1560", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1560" + }, + { + "name": "ADV-2009-1462", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1462" + }, + { + "name": "[png-mng-implement] 20071005 libpng 1.2.21 iCCP chunk handling bug", + "refsource": "MLIST", + "url": "http://sourceforge.net/mailarchive/forum.php?thread_name=47067C84.7010205%40playstation.sony.com&forum_name=png-mng-implement" + }, + { + "name": "27746", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27746" + }, + { + "name": "http://www.coresecurity.com/?action=item&id=2148", + "refsource": "MISC", + "url": "http://www.coresecurity.com/?action=item&id=2148" + }, + { + "name": "259989", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-259989-1" + }, + { + "name": "35302", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35302" + }, + { + "name": "ADV-2008-0924", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0924/references" + }, + { + "name": "27130", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27130" + }, + { + "name": "29420", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29420" + }, + { + "name": "APPLE-SA-2008-03-18", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html" + }, + { + "name": "27284", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27284" + }, + { + "name": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html", + "refsource": "CONFIRM", + "url": "http://android-developers.blogspot.com/2008/03/android-sdk-update-m5-rc15-released.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307562", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307562" + }, + { + "name": "SSA:2007-325-01", + "refsource": "SLACKWARE", + "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.520323" + }, + { + "name": "20071112 FLEA-2007-0065-1 libpng", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483582/100/0/threaded" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-208.htm" + }, + { + "name": "25957", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25957" + }, + { + "name": "20080304 CORE-2008-0124: Multiple vulnerabilities in Google's Android SDK", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/489135/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5603.json b/2007/5xxx/CVE-2007-5603.json index b83d386e8ed..f347ec6b5a8 100644 --- a/2007/5xxx/CVE-2007-5603.json +++ b/2007/5xxx/CVE-2007-5603.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5603", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2007-5603", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071101 SEC Consult SA-20071101-0 :: Multiple Vulnerabilities in SonicWALLSSL-VPN Client", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483097/100/0/threaded" - }, - { - "name" : "4594", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4594" - }, - { - "name" : "http://www.kb.cert.org/vuls/id/WDON-78K56M", - "refsource" : "MISC", - "url" : "http://www.kb.cert.org/vuls/id/WDON-78K56M" - }, - { - "name" : "http://www.sec-consult.com/303.html", - "refsource" : "MISC", - "url" : "http://www.sec-consult.com/303.html" - }, - { - "name" : "http://www.sec-consult.com/fileadmin/Advisories/20071101-0_sonicwall_multiple.txt", - "refsource" : "MISC", - "url" : "http://www.sec-consult.com/fileadmin/Advisories/20071101-0_sonicwall_multiple.txt" - }, - { - "name" : "VU#298521", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/298521" - }, - { - "name" : "26288", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26288" - }, - { - "name" : "ADV-2007-3696", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3696" - }, - { - "name" : "1018891", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018891" - }, - { - "name" : "27469", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27469" - }, - { - "name" : "3342", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3342" - }, - { - "name" : "sonicwall-nelaunchctrl-bo(38220)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38220" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the SonicWall SSL-VPN NetExtender NELaunchCtrl ActiveX control before 2.1.0.51, and 2.5.x before 2.5.0.56, allows remote attackers to execute arbitrary code via a long string in the second argument to the AddRouteEntry method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.kb.cert.org/vuls/id/WDON-78K56M", + "refsource": "MISC", + "url": "http://www.kb.cert.org/vuls/id/WDON-78K56M" + }, + { + "name": "VU#298521", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/298521" + }, + { + "name": "ADV-2007-3696", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3696" + }, + { + "name": "http://www.sec-consult.com/fileadmin/Advisories/20071101-0_sonicwall_multiple.txt", + "refsource": "MISC", + "url": "http://www.sec-consult.com/fileadmin/Advisories/20071101-0_sonicwall_multiple.txt" + }, + { + "name": "4594", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4594" + }, + { + "name": "3342", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3342" + }, + { + "name": "26288", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26288" + }, + { + "name": "1018891", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018891" + }, + { + "name": "27469", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27469" + }, + { + "name": "20071101 SEC Consult SA-20071101-0 :: Multiple Vulnerabilities in SonicWALLSSL-VPN Client", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483097/100/0/threaded" + }, + { + "name": "sonicwall-nelaunchctrl-bo(38220)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38220" + }, + { + "name": "http://www.sec-consult.com/303.html", + "refsource": "MISC", + "url": "http://www.sec-consult.com/303.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5690.json b/2007/5xxx/CVE-2007-5690.json index 9d0ac719e8e..9dc7c7a6aa9 100644 --- a/2007/5xxx/CVE-2007-5690.json +++ b/2007/5xxx/CVE-2007-5690.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5690", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5690", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071020 [ELEYTT] Public Advisory 20-10-2007", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482597/100/0/threaded" - }, - { - "name" : "20071108 AST-2007-024 - Fallacious security advisory spread on the Internet involving buffer overflow in Zaptel's sethdlc application", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483481/100/0/threaded" - }, - { - "name" : "http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf", - "refsource" : "MISC", - "url" : "http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf" - }, - { - "name" : "http://downloads.digium.com/pub/asa/AST-2007-024.html", - "refsource" : "MISC", - "url" : "http://downloads.digium.com/pub/asa/AST-2007-024.html" - }, - { - "name" : "26160", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26160" - }, - { - "name" : "1018885", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018885" - }, - { - "name" : "3319", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3319" - }, - { - "name" : "zaptel-sethdlc-bo(37335)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37335" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Buffer overflow in sethdlc.c in the Asterisk Zaptel 1.4.5.1 might allow local users to gain privileges via a long device name (interface name) in the ifr_name field. NOTE: the vendor disputes this issue, stating that the application requires root access, so privilege boundaries are not crossed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20071020 [ELEYTT] Public Advisory 20-10-2007", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482597/100/0/threaded" + }, + { + "name": "zaptel-sethdlc-bo(37335)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37335" + }, + { + "name": "http://downloads.digium.com/pub/asa/AST-2007-024.html", + "refsource": "MISC", + "url": "http://downloads.digium.com/pub/asa/AST-2007-024.html" + }, + { + "name": "20071108 AST-2007-024 - Fallacious security advisory spread on the Internet involving buffer overflow in Zaptel's sethdlc application", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483481/100/0/threaded" + }, + { + "name": "26160", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26160" + }, + { + "name": "1018885", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018885" + }, + { + "name": "http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf", + "refsource": "MISC", + "url": "http://www.eleytt.com/advisories/eleytt_ZAPTEL.pdf" + }, + { + "name": "3319", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3319" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3433.json b/2015/3xxx/CVE-2015-3433.json index 8443d7932f6..d1e28e59f04 100644 --- a/2015/3xxx/CVE-2015-3433.json +++ b/2015/3xxx/CVE-2015-3433.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3433", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3433", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3574.json b/2015/3xxx/CVE-2015-3574.json index 70a938cdfa0..6dfc02dbb34 100644 --- a/2015/3xxx/CVE-2015-3574.json +++ b/2015/3xxx/CVE-2015-3574.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3574", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3574", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3646.json b/2015/3xxx/CVE-2015-3646.json index 2cc7d5d7b77..d47e145802d 100644 --- a/2015/3xxx/CVE-2015-3646.json +++ b/2015/3xxx/CVE-2015-3646.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3646", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3646", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[openstack-announce] 20150505 [OSSA 2015-008] Potential Keystone cache backend password leak in log (CVE-2015-3646)", - "refsource" : "MLIST", - "url" : "http://lists.openstack.org/pipermail/openstack-announce/2015-May/000356.html" - }, - { - "name" : "https://bugs.launchpad.net/keystone/+bug/1443598", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/keystone/+bug/1443598" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" - }, - { - "name" : "74456", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74456" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[openstack-announce] 20150505 [OSSA 2015-008] Potential Keystone cache backend password leak in log (CVE-2015-3646)", + "refsource": "MLIST", + "url": "http://lists.openstack.org/pipermail/openstack-announce/2015-May/000356.html" + }, + { + "name": "74456", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74456" + }, + { + "name": "https://bugs.launchpad.net/keystone/+bug/1443598", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/keystone/+bug/1443598" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6026.json b/2015/6xxx/CVE-2015-6026.json index 2a7025d042c..48b42c3dc06 100644 --- a/2015/6xxx/CVE-2015-6026.json +++ b/2015/6xxx/CVE-2015-6026.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6026", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6026", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6075.json b/2015/6xxx/CVE-2015-6075.json index 20504f368a3..293cddabf2d 100644 --- a/2015/6xxx/CVE-2015-6075.json +++ b/2015/6xxx/CVE-2015-6075.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6075", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-6073, CVE-2015-6077, CVE-2015-6079, CVE-2015-6080, and CVE-2015-6082." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-6075", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-540", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-540" - }, - { - "name" : "MS15-112", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" - }, - { - "name" : "77448", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77448" - }, - { - "name" : "1034112", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034112" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-6068, CVE-2015-6072, CVE-2015-6073, CVE-2015-6077, CVE-2015-6079, CVE-2015-6080, and CVE-2015-6082." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034112", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034112" + }, + { + "name": "77448", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77448" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-540", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-540" + }, + { + "name": "MS15-112", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-112" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6763.json b/2015/6xxx/CVE-2015-6763.json index c0374ec0379..3076a4b0896 100644 --- a/2015/6xxx/CVE-2015-6763.json +++ b/2015/6xxx/CVE-2015-6763.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6763", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2015-6763", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38763", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38763/" - }, - { - "name" : "http://packetstormsecurity.com/files/134482/Google-Chrome-Integer-Overflow.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134482/Google-Chrome-Integer-Overflow.html" - }, - { - "name" : "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=512053", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=512053" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=516690", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=516690" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=522128", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=522128" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=522131", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=522131" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=525763", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=525763" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=527423", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=527423" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=528798", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=528798" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=528799", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=528799" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=529310", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=529310" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=529520", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=529520" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=529530", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=529530" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=542517", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=542517" - }, - { - "name" : "DSA-3376", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3376" - }, - { - "name" : "GLSA-201603-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-09" - }, - { - "name" : "RHSA-2015:1912", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1912.html" - }, - { - "name" : "USN-2770-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2770-1" - }, - { - "name" : "USN-2770-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2770-2" - }, - { - "name" : "77071", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77071" - }, - { - "name" : "1033816", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033816" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://code.google.com/p/chromium/issues/detail?id=529520", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=529520" + }, + { + "name": "38763", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38763/" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=529310", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=529310" + }, + { + "name": "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html" + }, + { + "name": "77071", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77071" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=522128", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=522128" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=512053", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=512053" + }, + { + "name": "DSA-3376", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3376" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=522131", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=522131" + }, + { + "name": "http://packetstormsecurity.com/files/134482/Google-Chrome-Integer-Overflow.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134482/Google-Chrome-Integer-Overflow.html" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=529530", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=529530" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=528799", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=528799" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=516690", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=516690" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=527423", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=527423" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=542517", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=542517" + }, + { + "name": "GLSA-201603-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-09" + }, + { + "name": "1033816", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033816" + }, + { + "name": "USN-2770-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2770-1" + }, + { + "name": "RHSA-2015:1912", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1912.html" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=528798", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=528798" + }, + { + "name": "USN-2770-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2770-2" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=525763", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=525763" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6875.json b/2015/6xxx/CVE-2015-6875.json index bc2647355c9..791ab37912a 100644 --- a/2015/6xxx/CVE-2015-6875.json +++ b/2015/6xxx/CVE-2015-6875.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6875", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6875", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7077.json b/2015/7xxx/CVE-2015-7077.json index b7aaa3a40aa..73d0e3bead6 100644 --- a/2015/7xxx/CVE-2015-7077.json +++ b/2015/7xxx/CVE-2015-7077.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7077", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-7077", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39368", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39368/" - }, - { - "name" : "https://support.apple.com/HT205637", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205637" - }, - { - "name" : "APPLE-SA-2015-12-08-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" - }, - { - "name" : "1034344", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034344" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Intel Graphics Driver component in Apple OS X before 10.11.2 allows local users to gain privileges or cause a denial of service (out-of-bounds memory access) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT205637", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205637" + }, + { + "name": "1034344", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034344" + }, + { + "name": "39368", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39368/" + }, + { + "name": "APPLE-SA-2015-12-08-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7849.json b/2015/7xxx/CVE-2015-7849.json index b69d4c75e6a..f2e8623ba18 100644 --- a/2015/7xxx/CVE-2015-7849.json +++ b/2015/7xxx/CVE-2015-7849.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7849", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7849", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.ntp.org/bin/view/Main/NtpBug2916", - "refsource" : "CONFIRM", - "url" : "http://support.ntp.org/bin/view/Main/NtpBug2916" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274257", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274257" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20171004-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20171004-0001/" - }, - { - "name" : "GLSA-201607-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201607-15" - }, - { - "name" : "77276", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77276" - }, - { - "name" : "1033951", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033951" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274257", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274257" + }, + { + "name": "http://support.ntp.org/bin/view/Main/NtpBug2916", + "refsource": "CONFIRM", + "url": "http://support.ntp.org/bin/view/Main/NtpBug2916" + }, + { + "name": "1033951", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033951" + }, + { + "name": "77276", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77276" + }, + { + "name": "GLSA-201607-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201607-15" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20171004-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8063.json b/2015/8xxx/CVE-2015-8063.json index e604062c255..ae94866ecd8 100644 --- a/2015/8xxx/CVE-2015-8063.json +++ b/2015/8xxx/CVE-2015-8063.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8063", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8063", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" - }, - { - "name" : "GLSA-201601-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-03" - }, - { - "name" : "SUSE-SU-2015:2236", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" - }, - { - "name" : "SUSE-SU-2015:2247", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" - }, - { - "name" : "openSUSE-SU-2015:2239", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" - }, - { - "name" : "78715", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/78715" - }, - { - "name" : "1034318", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-8048, CVE-2015-8049, CVE-2015-8050, CVE-2015-8055, CVE-2015-8056, CVE-2015-8057, CVE-2015-8058, CVE-2015-8059, CVE-2015-8061, CVE-2015-8062, CVE-2015-8064, CVE-2015-8065, CVE-2015-8066, CVE-2015-8067, CVE-2015-8068, CVE-2015-8069, CVE-2015-8070, CVE-2015-8071, CVE-2015-8401, CVE-2015-8402, CVE-2015-8403, CVE-2015-8404, CVE-2015-8405, CVE-2015-8406, CVE-2015-8410, CVE-2015-8411, CVE-2015-8412, CVE-2015-8413, CVE-2015-8414, CVE-2015-8420, CVE-2015-8421, CVE-2015-8422, CVE-2015-8423, CVE-2015-8424, CVE-2015-8425, CVE-2015-8426, CVE-2015-8427, CVE-2015-8428, CVE-2015-8429, CVE-2015-8430, CVE-2015-8431, CVE-2015-8432, CVE-2015-8433, CVE-2015-8434, CVE-2015-8435, CVE-2015-8436, CVE-2015-8437, CVE-2015-8441, CVE-2015-8442, CVE-2015-8447, CVE-2015-8448, CVE-2015-8449, CVE-2015-8450, CVE-2015-8452, and CVE-2015-8454." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2239", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00008.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-32.html" + }, + { + "name": "78715", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/78715" + }, + { + "name": "SUSE-SU-2015:2236", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00007.html" + }, + { + "name": "SUSE-SU-2015:2247", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00012.html" + }, + { + "name": "1034318", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034318" + }, + { + "name": "GLSA-201601-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-03" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8459.json b/2015/8xxx/CVE-2015-8459.json index 5d7eb8bcf32..8d0cf9dbe99 100644 --- a/2015/8xxx/CVE-2015-8459.json +++ b/2015/8xxx/CVE-2015-8459.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8459", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8460, CVE-2015-8636, and CVE-2015-8645." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-8459", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" - }, - { - "name" : "GLSA-201601-03", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-03" - }, - { - "name" : "RHSA-2015:2697", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-2697.html" - }, - { - "name" : "SUSE-SU-2015:2401", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html" - }, - { - "name" : "SUSE-SU-2015:2402", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html" - }, - { - "name" : "openSUSE-SU-2015:2400", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html" - }, - { - "name" : "openSUSE-SU-2015:2403", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html" - }, - { - "name" : "79700", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79700" - }, - { - "name" : "1034544", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034544" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler before 20.0.0.233 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-8460, CVE-2015-8636, and CVE-2015-8645." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:2403", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html" + }, + { + "name": "1034544", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034544" + }, + { + "name": "RHSA-2015:2697", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-2697.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-01.html" + }, + { + "name": "SUSE-SU-2015:2401", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.html" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722" + }, + { + "name": "79700", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79700" + }, + { + "name": "SUSE-SU-2015:2402", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.html" + }, + { + "name": "openSUSE-SU-2015:2400", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.html" + }, + { + "name": "GLSA-201601-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-03" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0322.json b/2016/0xxx/CVE-2016-0322.json index a2615d0bc3a..3420a2a9cc0 100644 --- a/2016/0xxx/CVE-2016-0322.json +++ b/2016/0xxx/CVE-2016-0322.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0322", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, 5.0 through CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML by uploading an HTML document." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0322", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21982611", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21982611" - }, - { - "name" : "LO88783", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1LO88783" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, 5.0 through CR4, and 5.5 before CR1 allows remote authenticated users to inject arbitrary web script or HTML by uploading an HTML document." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "LO88783", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LO88783" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21982611", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21982611" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0458.json b/2016/0xxx/CVE-2016-0458.json index 7bff49973b6..55059af1c6a 100644 --- a/2016/0xxx/CVE-2016-0458.json +++ b/2016/0xxx/CVE-2016-0458.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0458", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to Kernel DAX." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0458", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034735", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034735" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vectors related to Kernel DAX." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034735", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034735" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0556.json b/2016/0xxx/CVE-2016-0556.json index f57d001c28e..da4c8164fd5 100644 --- a/2016/0xxx/CVE-2016-0556.json +++ b/2016/0xxx/CVE-2016-0556.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0556", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Advanced Collections component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Administration, a different vulnerability than CVE-2016-0557." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0556", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Advanced Collections component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Administration, a different vulnerability than CVE-2016-0557." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0580.json b/2016/0xxx/CVE-2016-0580.json index 59a53751d90..3a53f901b09 100644 --- a/2016/0xxx/CVE-2016-0580.json +++ b/2016/0xxx/CVE-2016-0580.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect availability via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034726", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034726" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect availability via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034726", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034726" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000003.json b/2016/1000xxx/CVE-2016-1000003.json index 8e1991a4ef2..61714687f72 100644 --- a/2016/1000xxx/CVE-2016-1000003.json +++ b/2016/1000xxx/CVE-2016-1000003.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000003", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Mirror Manager version 0.7.2 and older is vulnerable to remote code execution in the checkin code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000003", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/fedora-infra/mirrormanager2/commit/2e227f6023477cbdbefd577f15d0846aa40c8775.patch", - "refsource" : "MISC", - "url" : "https://github.com/fedora-infra/mirrormanager2/commit/2e227f6023477cbdbefd577f15d0846aa40c8775.patch" - }, - { - "name" : "https://github.com/fedora-infra/mirrormanager2/commit/eb9b542bc818071b9eee41c3583b7e6e172b3a53.patch", - "refsource" : "MISC", - "url" : "https://github.com/fedora-infra/mirrormanager2/commit/eb9b542bc818071b9eee41c3583b7e6e172b3a53.patch" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Mirror Manager version 0.7.2 and older is vulnerable to remote code execution in the checkin code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/fedora-infra/mirrormanager2/commit/eb9b542bc818071b9eee41c3583b7e6e172b3a53.patch", + "refsource": "MISC", + "url": "https://github.com/fedora-infra/mirrormanager2/commit/eb9b542bc818071b9eee41c3583b7e6e172b3a53.patch" + }, + { + "name": "https://github.com/fedora-infra/mirrormanager2/commit/2e227f6023477cbdbefd577f15d0846aa40c8775.patch", + "refsource": "MISC", + "url": "https://github.com/fedora-infra/mirrormanager2/commit/2e227f6023477cbdbefd577f15d0846aa40c8775.patch" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1027.json b/2016/1xxx/CVE-2016-1027.json index ba12760017c..a340c6cf8d8 100644 --- a/2016/1xxx/CVE-2016-1027.json +++ b/2016/1xxx/CVE-2016-1027.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1027", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1027", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" - }, - { - "name" : "RHSA-2016:0610", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0610.html" - }, - { - "name" : "SUSE-SU-2016:1305", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" - }, - { - "name" : "openSUSE-SU-2016:1306", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" - }, - { - "name" : "85932", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/85932" - }, - { - "name" : "1035509", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035509" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012, CVE-2016-1020, CVE-2016-1021, CVE-2016-1022, CVE-2016-1023, CVE-2016-1024, CVE-2016-1025, CVE-2016-1026, CVE-2016-1028, CVE-2016-1029, CVE-2016-1032, and CVE-2016-1033." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1305", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" + }, + { + "name": "openSUSE-SU-2016:1306", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00045.html" + }, + { + "name": "RHSA-2016:0610", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0610.html" + }, + { + "name": "85932", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/85932" + }, + { + "name": "1035509", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035509" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-10.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1558.json b/2016/1xxx/CVE-2016-1558.json index 0a239a4fb1b..b0061d09fea 100644 --- a/2016/1xxx/CVE-2016-1558.json +++ b/2016/1xxx/CVE-2016-1558.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1558", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. B1 3.05 and earlier, DAP-2660 1.11 and earlier, DAP-2690 3.15 and earlier, DAP-2695 1.16 and earlier, DAP-3320 1.00 and earlier, and DAP-3662 1.01 and earlier allows remote attackers to have unspecified impact via a crafted 'dlink_uid' cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-1558", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160225 D-Link, Netgear Router Vulnerabiltiies", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Feb/112" - }, - { - "name" : "http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html" - }, - { - "name" : "http://www.dlink.com/mk/mk/support/support-news/2016/march/16/firmadyne-cve_2016_1558-cve_2016_1559", - "refsource" : "CONFIRM", - "url" : "http://www.dlink.com/mk/mk/support/support-news/2016/march/16/firmadyne-cve_2016_1558-cve_2016_1559" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. B1 3.05 and earlier, DAP-2660 1.11 and earlier, DAP-2690 3.15 and earlier, DAP-2695 1.16 and earlier, DAP-3320 1.00 and earlier, and DAP-3662 1.01 and earlier allows remote attackers to have unspecified impact via a crafted 'dlink_uid' cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.dlink.com/mk/mk/support/support-news/2016/march/16/firmadyne-cve_2016_1558-cve_2016_1559", + "refsource": "CONFIRM", + "url": "http://www.dlink.com/mk/mk/support/support-news/2016/march/16/firmadyne-cve_2016_1558-cve_2016_1559" + }, + { + "name": "http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/135956/D-Link-Netgear-FIRMADYNE-Command-Injection-Buffer-Overflow.html" + }, + { + "name": "20160225 D-Link, Netgear Router Vulnerabiltiies", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Feb/112" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1824.json b/2016/1xxx/CVE-2016-1824.json index 20f13aeff51..a8b436da9db 100644 --- a/2016/1xxx/CVE-2016-1824.json +++ b/2016/1xxx/CVE-2016-1824.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1824", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1823." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1824", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206564", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206564" - }, - { - "name" : "https://support.apple.com/HT206566", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206566" - }, - { - "name" : "https://support.apple.com/HT206567", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206567" - }, - { - "name" : "https://support.apple.com/HT206568", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206568" - }, - { - "name" : "APPLE-SA-2016-05-16-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" - }, - { - "name" : "APPLE-SA-2016-05-16-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-05-16-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" - }, - { - "name" : "APPLE-SA-2016-05-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" - }, - { - "name" : "90691", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90691" - }, - { - "name" : "1035890", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035890" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IOHIDFamily in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2016-1823." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT206567", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206567" + }, + { + "name": "90691", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90691" + }, + { + "name": "APPLE-SA-2016-05-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" + }, + { + "name": "https://support.apple.com/HT206566", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206566" + }, + { + "name": "APPLE-SA-2016-05-16-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00003.html" + }, + { + "name": "https://support.apple.com/HT206564", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206564" + }, + { + "name": "1035890", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035890" + }, + { + "name": "APPLE-SA-2016-05-16-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" + }, + { + "name": "https://support.apple.com/HT206568", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206568" + }, + { + "name": "APPLE-SA-2016-05-16-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1852.json b/2016/1xxx/CVE-2016-1852.json index 91445d77714..b4beed02ccf 100644 --- a/2016/1xxx/CVE-2016-1852.json +++ b/2016/1xxx/CVE-2016-1852.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1852", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Siri in Apple iOS before 9.3.2 does not block data detectors within results in the lock-screen state, which allows physically proximate attackers to obtain sensitive contact and photo information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1852", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206568", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206568" - }, - { - "name" : "APPLE-SA-2016-05-16-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" - }, - { - "name" : "1035890", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035890" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Siri in Apple iOS before 9.3.2 does not block data detectors within results in the lock-screen state, which allows physically proximate attackers to obtain sensitive contact and photo information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035890", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035890" + }, + { + "name": "APPLE-SA-2016-05-16-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00002.html" + }, + { + "name": "https://support.apple.com/HT206568", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206568" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1992.json b/2016/1xxx/CVE-2016-1992.json index 468a27ddf2d..1c98b20cbf3 100644 --- a/2016/1xxx/CVE-2016-1992.json +++ b/2016/1xxx/CVE-2016-1992.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1992", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1992", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048753", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048753" - }, - { - "name" : "1035307", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035307" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HPE ArcSight ESM before 6.8c, and ArcSight ESM Express before 6.9.1, allows remote authenticated users to obtain sensitive information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035307", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035307" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048753", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05048753" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4877.json b/2016/4xxx/CVE-2016-4877.json index 1def5209983..a3a12a09d2a 100644 --- a/2016/4xxx/CVE-2016-4877.json +++ b/2016/4xxx/CVE-2016-4877.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2016-4877", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "baserCMS plugin Mail", - "version" : { - "version_data" : [ - { - "version_value" : "version 3.0.10 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "baserCMS Users Community" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4877", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "baserCMS plugin Mail", + "version": { + "version_data": [ + { + "version_value": "version 3.0.10 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "baserCMS Users Community" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://basercms.net/security/JVN92765814", - "refsource" : "CONFIRM", - "url" : "http://basercms.net/security/JVN92765814" - }, - { - "name" : "JVN#92765814", - "refsource" : "JVN", - "url" : "https://jvn.jp/en/jp/JVN92765814/index.html" - }, - { - "name" : "93217", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93217" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://basercms.net/security/JVN92765814", + "refsource": "CONFIRM", + "url": "http://basercms.net/security/JVN92765814" + }, + { + "name": "JVN#92765814", + "refsource": "JVN", + "url": "https://jvn.jp/en/jp/JVN92765814/index.html" + }, + { + "name": "93217", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93217" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5055.json b/2016/5xxx/CVE-2016-5055.json index 6636ca7b9dc..bc35845c2d8 100644 --- a/2016/5xxx/CVE-2016-5055.json +++ b/2016/5xxx/CVE-2016-5055.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-5055", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26", - "version" : { - "version_data" : [ - { - "version_value" : "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "XSS" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-5055", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26", + "version": { + "version_data": [ + { + "version_value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059", - "refsource" : "MISC", - "url" : "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 has XSS in the username field and Wireless Client Mode configuration page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "XSS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059", + "refsource": "MISC", + "url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5596.json b/2016/5xxx/CVE-2016-5596.json index 63a6fc3d07a..193deaf54ce 100644 --- a/2016/5xxx/CVE-2016-5596.json +++ b/2016/5xxx/CVE-2016-5596.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5596", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5596", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93762", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93762" - }, - { - "name" : "1037038", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037038" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93762", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93762" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "1037038", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037038" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5838.json b/2016/5xxx/CVE-2016-5838.json index 5b4024d060f..b2f488b80f6 100644 --- a/2016/5xxx/CVE-2016-5838.json +++ b/2016/5xxx/CVE-2016-5838.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5838", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by leveraging knowledge of a cookie." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-5838", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://wpvulndb.com/vulnerabilities/8524", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/8524" - }, - { - "name" : "https://codex.wordpress.org/Version_4.5.3", - "refsource" : "CONFIRM", - "url" : "https://codex.wordpress.org/Version_4.5.3" - }, - { - "name" : "https://wordpress.org/news/2016/06/wordpress-4-5-3/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/news/2016/06/wordpress-4-5-3/" - }, - { - "name" : "DSA-3639", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3639" - }, - { - "name" : "91367", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91367" - }, - { - "name" : "1036163", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036163" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WordPress before 4.5.3 allows remote attackers to bypass intended password-change restrictions by leveraging knowledge of a cookie." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wordpress.org/news/2016/06/wordpress-4-5-3/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/news/2016/06/wordpress-4-5-3/" + }, + { + "name": "https://wpvulndb.com/vulnerabilities/8524", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/8524" + }, + { + "name": "https://codex.wordpress.org/Version_4.5.3", + "refsource": "CONFIRM", + "url": "https://codex.wordpress.org/Version_4.5.3" + }, + { + "name": "1036163", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036163" + }, + { + "name": "91367", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91367" + }, + { + "name": "DSA-3639", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3639" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0201.json b/2019/0xxx/CVE-2019-0201.json index 939a643823d..99d28b16a8a 100644 --- a/2019/0xxx/CVE-2019-0201.json +++ b/2019/0xxx/CVE-2019-0201.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0201", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0201", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0637.json b/2019/0xxx/CVE-2019-0637.json index c88a28ead93..d7f539fa114 100644 --- a/2019/0xxx/CVE-2019-0637.json +++ b/2019/0xxx/CVE-2019-0637.json @@ -1,110 +1,110 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0637", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Windows", - "version" : { - "version_data" : [ - { - "version_value" : "10 Version 1709 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1709 for x64-based Systems" - }, - { - "version_value" : "10 Version 1803 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1803 for x64-based Systems" - }, - { - "version_value" : "10 Version 1803 for ARM64-based Systems" - }, - { - "version_value" : "10 Version 1809 for 32-bit Systems" - }, - { - "version_value" : "10 Version 1809 for x64-based Systems" - }, - { - "version_value" : "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value" : "10 Version 1709 for ARM64-based Systems" - } - ] - } - }, - { - "product_name" : "Windows Server", - "version" : { - "version_data" : [ - { - "version_value" : "version 1709 (Core Installation)" - }, - { - "version_value" : "version 1803 (Core Installation)" - }, - { - "version_value" : "2019" - }, - { - "version_value" : "2019 (Core installation)" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections, aka 'Windows Defender Firewall Security Feature Bypass Vulnerability'." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Security Feature Bypass" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0637", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1709 for 32-bit Systems" + }, + { + "version_value": "10 Version 1709 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for 32-bit Systems" + }, + { + "version_value": "10 Version 1803 for x64-based Systems" + }, + { + "version_value": "10 Version 1803 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 Version 1709 for ARM64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "version 1709 (Core Installation)" + }, + { + "version_value": "version 1803 (Core Installation)" + }, + { + "version_value": "2019" + }, + { + "version_value": "2019 (Core installation)" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0637", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0637" - }, - { - "name" : "106879", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106879" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections, aka 'Windows Defender Firewall Security Feature Bypass Vulnerability'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Security Feature Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0637", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0637" + }, + { + "name": "106879", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106879" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0855.json b/2019/0xxx/CVE-2019-0855.json index bf32346a458..d0096942236 100644 --- a/2019/0xxx/CVE-2019-0855.json +++ b/2019/0xxx/CVE-2019-0855.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0855", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0855", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0979.json b/2019/0xxx/CVE-2019-0979.json index dff9bcb0ed3..d18edb8d349 100644 --- a/2019/0xxx/CVE-2019-0979.json +++ b/2019/0xxx/CVE-2019-0979.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0979", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0979", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1125.json b/2019/1xxx/CVE-2019-1125.json index b1e8bc616ed..239c8b21578 100644 --- a/2019/1xxx/CVE-2019-1125.json +++ b/2019/1xxx/CVE-2019-1125.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1125", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1125", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1557.json b/2019/1xxx/CVE-2019-1557.json index a971ec482cf..3e9c7a8853b 100644 --- a/2019/1xxx/CVE-2019-1557.json +++ b/2019/1xxx/CVE-2019-1557.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1557", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1557", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1750.json b/2019/1xxx/CVE-2019-1750.json index c019cb991d4..5c7445e28c0 100644 --- a/2019/1xxx/CVE-2019-1750.json +++ b/2019/1xxx/CVE-2019-1750.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1750", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1750", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1857.json b/2019/1xxx/CVE-2019-1857.json index 907da0307ef..2133f7a90b1 100644 --- a/2019/1xxx/CVE-2019-1857.json +++ b/2019/1xxx/CVE-2019-1857.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1857", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1857", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3375.json b/2019/3xxx/CVE-2019-3375.json index 262805f8201..8798597a517 100644 --- a/2019/3xxx/CVE-2019-3375.json +++ b/2019/3xxx/CVE-2019-3375.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3375", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3375", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3468.json b/2019/3xxx/CVE-2019-3468.json index e7d1386b9be..be4b43df29d 100644 --- a/2019/3xxx/CVE-2019-3468.json +++ b/2019/3xxx/CVE-2019-3468.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3468", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3468", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3739.json b/2019/3xxx/CVE-2019-3739.json index 06a0f94403e..d1609e12b72 100644 --- a/2019/3xxx/CVE-2019-3739.json +++ b/2019/3xxx/CVE-2019-3739.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3739", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3739", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4043.json b/2019/4xxx/CVE-2019-4043.json index bda4665f421..e81fcc7d1d5 100644 --- a/2019/4xxx/CVE-2019-4043.json +++ b/2019/4xxx/CVE-2019-4043.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4043", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4043", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4337.json b/2019/4xxx/CVE-2019-4337.json index 2fe8d081166..17a4147cefc 100644 --- a/2019/4xxx/CVE-2019-4337.json +++ b/2019/4xxx/CVE-2019-4337.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4337", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4337", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4485.json b/2019/4xxx/CVE-2019-4485.json index 9d6cecfa4d3..9de45489edf 100644 --- a/2019/4xxx/CVE-2019-4485.json +++ b/2019/4xxx/CVE-2019-4485.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4485", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4485", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4769.json b/2019/4xxx/CVE-2019-4769.json index a193afd1b7f..aeb5ad91976 100644 --- a/2019/4xxx/CVE-2019-4769.json +++ b/2019/4xxx/CVE-2019-4769.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4769", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4769", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8540.json b/2019/8xxx/CVE-2019-8540.json index 47f62261f76..239668ffd54 100644 --- a/2019/8xxx/CVE-2019-8540.json +++ b/2019/8xxx/CVE-2019-8540.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8540", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8540", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8630.json b/2019/8xxx/CVE-2019-8630.json index 500c77e9f89..ebc19e13e09 100644 --- a/2019/8xxx/CVE-2019-8630.json +++ b/2019/8xxx/CVE-2019-8630.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8630", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8630", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8735.json b/2019/8xxx/CVE-2019-8735.json index 43db9144a9d..514b0b2fa64 100644 --- a/2019/8xxx/CVE-2019-8735.json +++ b/2019/8xxx/CVE-2019-8735.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8735", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8735", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8883.json b/2019/8xxx/CVE-2019-8883.json index bb95b6aa9c0..84d4a8123ee 100644 --- a/2019/8xxx/CVE-2019-8883.json +++ b/2019/8xxx/CVE-2019-8883.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8883", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8883", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9213.json b/2019/9xxx/CVE-2019-9213.json index bb4cf5b4f21..5920471f58b 100644 --- a/2019/9xxx/CVE-2019-9213.json +++ b/2019/9xxx/CVE-2019-9213.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9213", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9213", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "46502", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46502/" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1", - "refsource" : "MISC", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1" - }, - { - "name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792", - "refsource" : "MISC", - "url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792" - }, - { - "name" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105", - "refsource" : "MISC", - "url" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105" - }, - { - "name" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27", - "refsource" : "MISC", - "url" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27" - }, - { - "name" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14", - "refsource" : "MISC", - "url" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14" - }, - { - "name" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162", - "refsource" : "MISC", - "url" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162" - }, - { - "name" : "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1", - "refsource" : "MISC", - "url" : "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1" - }, - { - "name" : "107296", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107296" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "46502", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46502/" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1", + "refsource": "MISC", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1" + }, + { + "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162", + "refsource": "MISC", + "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162" + }, + { + "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27", + "refsource": "MISC", + "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27" + }, + { + "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105", + "refsource": "MISC", + "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105" + }, + { + "name": "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1", + "refsource": "MISC", + "url": "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1" + }, + { + "name": "107296", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107296" + }, + { + "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792", + "refsource": "MISC", + "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792" + }, + { + "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14", + "refsource": "MISC", + "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9370.json b/2019/9xxx/CVE-2019-9370.json index 79b6f574895..654839ffd1b 100644 --- a/2019/9xxx/CVE-2019-9370.json +++ b/2019/9xxx/CVE-2019-9370.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9370", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9370", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9817.json b/2019/9xxx/CVE-2019-9817.json index 8fa3091f8e5..05fc6a23c06 100644 --- a/2019/9xxx/CVE-2019-9817.json +++ b/2019/9xxx/CVE-2019-9817.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9817", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9817", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file