From ef51668331d4996628d84c78a19f8b297116b232 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 06:59:08 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0531.json | 34 ++--- 1999/0xxx/CVE-1999-0891.json | 170 +++++++++++------------ 1999/1xxx/CVE-1999-1028.json | 140 +++++++++---------- 1999/1xxx/CVE-1999-1175.json | 140 +++++++++---------- 1999/1xxx/CVE-1999-1267.json | 130 +++++++++--------- 2000/0xxx/CVE-2000-0045.json | 120 ++++++++-------- 2000/0xxx/CVE-2000-0404.json | 140 +++++++++---------- 2000/0xxx/CVE-2000-0537.json | 150 ++++++++++---------- 2000/0xxx/CVE-2000-0677.json | 130 +++++++++--------- 2000/0xxx/CVE-2000-0684.json | 140 +++++++++---------- 2000/0xxx/CVE-2000-0834.json | 150 ++++++++++---------- 2000/0xxx/CVE-2000-0975.json | 140 +++++++++---------- 2000/1xxx/CVE-2000-1150.json | 120 ++++++++-------- 2005/2xxx/CVE-2005-2098.json | 200 +++++++++++++-------------- 2005/2xxx/CVE-2005-2646.json | 150 ++++++++++---------- 2005/2xxx/CVE-2005-2784.json | 150 ++++++++++---------- 2005/3xxx/CVE-2005-3149.json | 230 +++++++++++++++---------------- 2005/3xxx/CVE-2005-3461.json | 160 ++++++++++----------- 2005/3xxx/CVE-2005-3537.json | 140 +++++++++---------- 2005/3xxx/CVE-2005-3580.json | 160 ++++++++++----------- 2007/5xxx/CVE-2007-5566.json | 130 +++++++++--------- 2009/2xxx/CVE-2009-2040.json | 140 +++++++++---------- 2009/2xxx/CVE-2009-2192.json | 190 ++++++++++++------------- 2009/2xxx/CVE-2009-2230.json | 170 +++++++++++------------ 2009/3xxx/CVE-2009-3549.json | 200 +++++++++++++-------------- 2009/3xxx/CVE-2009-3919.json | 170 +++++++++++------------ 2015/0xxx/CVE-2015-0228.json | 260 +++++++++++++++++------------------ 2015/0xxx/CVE-2015-0248.json | 240 ++++++++++++++++---------------- 2015/0xxx/CVE-2015-0573.json | 130 +++++++++--------- 2015/0xxx/CVE-2015-0905.json | 150 ++++++++++---------- 2015/0xxx/CVE-2015-0981.json | 120 ++++++++-------- 2015/1xxx/CVE-2015-1531.json | 34 ++--- 2015/4xxx/CVE-2015-4077.json | 190 ++++++++++++------------- 2015/4xxx/CVE-2015-4528.json | 140 +++++++++---------- 2015/8xxx/CVE-2015-8147.json | 34 ++--- 2015/8xxx/CVE-2015-8296.json | 34 ++--- 2015/8xxx/CVE-2015-8773.json | 130 +++++++++--------- 2015/9xxx/CVE-2015-9045.json | 132 +++++++++--------- 2015/9xxx/CVE-2015-9237.json | 34 ++--- 2016/5xxx/CVE-2016-5755.json | 120 ++++++++-------- 2018/2xxx/CVE-2018-2119.json | 34 ++--- 2018/2xxx/CVE-2018-2177.json | 34 ++--- 2018/2xxx/CVE-2018-2397.json | 198 +++++++++++++------------- 2018/2xxx/CVE-2018-2692.json | 150 ++++++++++---------- 2018/2xxx/CVE-2018-2825.json | 172 +++++++++++------------ 2018/6xxx/CVE-2018-6307.json | 150 ++++++++++---------- 2018/6xxx/CVE-2018-6391.json | 140 +++++++++---------- 2018/6xxx/CVE-2018-6836.json | 150 ++++++++++---------- 2018/6xxx/CVE-2018-6878.json | 120 ++++++++-------- 2018/7xxx/CVE-2018-7273.json | 140 +++++++++---------- 2018/7xxx/CVE-2018-7578.json | 34 ++--- 2018/7xxx/CVE-2018-7753.json | 140 +++++++++---------- 2018/7xxx/CVE-2018-7969.json | 34 ++--- 2019/1xxx/CVE-2019-1431.json | 34 ++--- 2019/1xxx/CVE-2019-1843.json | 34 ++--- 2019/1xxx/CVE-2019-1929.json | 34 ++--- 2019/5xxx/CVE-2019-5124.json | 34 ++--- 2019/5xxx/CVE-2019-5198.json | 34 ++--- 2019/5xxx/CVE-2019-5250.json | 34 ++--- 2019/5xxx/CVE-2019-5700.json | 34 ++--- 60 files changed, 3688 insertions(+), 3688 deletions(-) diff --git a/1999/0xxx/CVE-1999-0531.json b/1999/0xxx/CVE-1999-0531.json index b1027ec011f..c19ce373863 100644 --- a/1999/0xxx/CVE-1999-0531.json +++ b/1999/0xxx/CVE-1999-0531.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0531", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO.\"" - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-1999-0531", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: None. Reason: this candidate is solely about a configuration that does not directly introduce security vulnerabilities, so it is more appropriate to cover under the Common Configuration Enumeration (CCE). Notes: the former description is: \"An SMTP service supports EXPN, VRFY, HELP, ESMTP, and/or EHLO.\"" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0891.json b/1999/0xxx/CVE-1999-0891.json index 59a6dff0cbe..4a8d8a3bf34 100644 --- a/1999/0xxx/CVE-1999-0891.json +++ b/1999/0xxx/CVE-1999-0891.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0891", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The \"download behavior\" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0891", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS99-040", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-040" - }, - { - "name" : "Q242542", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q242542" - }, - { - "name" : "VU#37828", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/37828" - }, - { - "name" : "K-002", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/k-002.shtml" - }, - { - "name" : "674", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/674" - }, - { - "name" : "11274", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/11274" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The \"download behavior\" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "674", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/674" + }, + { + "name": "MS99-040", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-040" + }, + { + "name": "K-002", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/k-002.shtml" + }, + { + "name": "Q242542", + "refsource": "MSKB", + "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q242542" + }, + { + "name": "VU#37828", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/37828" + }, + { + "name": "11274", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/11274" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1028.json b/1999/1xxx/CVE-1999-1028.json index 791408b6e4b..379d446965d 100644 --- a/1999/1xxx/CVE-1999-1028.json +++ b/1999/1xxx/CVE-1999-1028.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1028", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1028", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19990528 DoS against PC Anywhere", - "refsource" : "NTBUGTRAQ", - "url" : "http://marc.info/?l=ntbugtraq&m=92807524225090&w=2" - }, - { - "name" : "288", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/288" - }, - { - "name" : "pcanywhere-dos(2256)", - "refsource" : "XF", - "url" : "http://www.iss.net/security_center/static/2256.php" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "288", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/288" + }, + { + "name": "19990528 DoS against PC Anywhere", + "refsource": "NTBUGTRAQ", + "url": "http://marc.info/?l=ntbugtraq&m=92807524225090&w=2" + }, + { + "name": "pcanywhere-dos(2256)", + "refsource": "XF", + "url": "http://www.iss.net/security_center/static/2256.php" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1175.json b/1999/1xxx/CVE-1999-1175.json index 5e2e1dcb81d..83dc8311bc9 100644 --- a/1999/1xxx/CVE-1999-1175.json +++ b/1999/1xxx/CVE-1999-1175.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1175", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1175", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19980513 Cisco Web Cache Control Protocol Router Vulnerability", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/warp/public/770/wccpauth-pub.shtml" - }, - { - "name" : "I-054", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/i-054.shtml" - }, - { - "name" : "cisco-wccp-vuln(1577)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1577" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "I-054", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/i-054.shtml" + }, + { + "name": "19980513 Cisco Web Cache Control Protocol Router Vulnerability", + "refsource": "CISCO", + "url": "http://www.cisco.com/warp/public/770/wccpauth-pub.shtml" + }, + { + "name": "cisco-wccp-vuln(1577)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1577" + } + ] + } +} \ No newline at end of file diff --git a/1999/1xxx/CVE-1999-1267.json b/1999/1xxx/CVE-1999-1267.json index c69015761c6..9fc875d8c47 100644 --- a/1999/1xxx/CVE-1999-1267.json +++ b/1999/1xxx/CVE-1999-1267.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1267", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1267", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19970505 Hole in the KDE desktop", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=87602167420906&w=2" - }, - { - "name" : "kde-flawed-ipc(1646)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1646" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "KDE file manager (kfm) uses a TCP server for certain file operations, which allows remote attackers to modify arbitrary files by sending a copy command to the server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19970505 Hole in the KDE desktop", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=87602167420906&w=2" + }, + { + "name": "kde-flawed-ipc(1646)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1646" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0045.json b/2000/0xxx/CVE-2000-0045.json index 7945d6b3077..8a5247c8d9a 100644 --- a/2000/0xxx/CVE-2000-0045.json +++ b/2000/0xxx/CVE-2000-0045.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0045", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0045", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "926", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/926" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "926", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/926" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0404.json b/2000/0xxx/CVE-2000-0404.json index a82b7334ec9..7f122874270 100644 --- a/2000/0xxx/CVE-2000-0404.json +++ b/2000/0xxx/CVE-2000-0404.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0404", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the \"ResetBrowser Frame\" vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0404", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS00-036", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-036" - }, - { - "name" : "Q262694", - "refsource" : "MSKB", - "url" : "http://www.microsoft.com/technet/support/kb.asp?ID=262694" - }, - { - "name" : "1262", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1262" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the \"ResetBrowser Frame\" vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "Q262694", + "refsource": "MSKB", + "url": "http://www.microsoft.com/technet/support/kb.asp?ID=262694" + }, + { + "name": "MS00-036", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-036" + }, + { + "name": "1262", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1262" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0537.json b/2000/0xxx/CVE-2000-0537.json index 7ea928a6ca2..095f7622df8 100644 --- a/2000/0xxx/CVE-2000-0537.json +++ b/2000/0xxx/CVE-2000-0537.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0537", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "BRU backup software allows local users to append data to arbitrary files by specifying an alternate configuration file with the BRUEXECLOG environmental variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0537", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000606 BRU Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-06/0013.html" - }, - { - "name" : "CSSA-2000-018.0", - "refsource" : "CALDERA", - "url" : "http://www.calderasystems.com/support/security/advisories/CSSA-2000-018.0.txt" - }, - { - "name" : "1321", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1321" - }, - { - "name" : "bru-execlog-env-variable(4644)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4644" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "BRU backup software allows local users to append data to arbitrary files by specifying an alternate configuration file with the BRUEXECLOG environmental variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "bru-execlog-env-variable(4644)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4644" + }, + { + "name": "1321", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1321" + }, + { + "name": "CSSA-2000-018.0", + "refsource": "CALDERA", + "url": "http://www.calderasystems.com/support/security/advisories/CSSA-2000-018.0.txt" + }, + { + "name": "20000606 BRU Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-06/0013.html" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0677.json b/2000/0xxx/CVE-2000-0677.json index b053f53dd7a..37c1d7a2396 100644 --- a/2000/0xxx/CVE-2000-0677.json +++ b/2000/0xxx/CVE-2000-0677.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0677", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0677", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000907 Buffer Overflow in IBM Net.Data db2www CGI program.", - "refsource" : "ISS", - "url" : "http://xforce.iss.net/alerts/advise60.php" - }, - { - "name" : "ibm-netdata-db2www-bo(4976)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/4976" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20000907 Buffer Overflow in IBM Net.Data db2www CGI program.", + "refsource": "ISS", + "url": "http://xforce.iss.net/alerts/advise60.php" + }, + { + "name": "ibm-netdata-db2www-bo(4976)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/4976" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0684.json b/2000/0xxx/CVE-2000-0684.json index dc423c6a681..170ace06156 100644 --- a/2000/0xxx/CVE-2000-0684.json +++ b/2000/0xxx/CVE-2000-0684.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0684", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0684", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20000731 BEA's WebLogic *.jsp/*.jhtml remote command execution", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-07/0434.html" - }, - { - "name" : "http://developer.bea.com/alerts/security_000731.html", - "refsource" : "CONFIRM", - "url" : "http://developer.bea.com/alerts/security_000731.html" - }, - { - "name" : "1525", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1525" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://developer.bea.com/alerts/security_000731.html", + "refsource": "CONFIRM", + "url": "http://developer.bea.com/alerts/security_000731.html" + }, + { + "name": "20000731 BEA's WebLogic *.jsp/*.jhtml remote command execution", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-07/0434.html" + }, + { + "name": "1525", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1525" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0834.json b/2000/0xxx/CVE-2000-0834.json index bb69d674c6c..f1bbfd1a425 100644 --- a/2000/0xxx/CVE-2000-0834.json +++ b/2000/0xxx/CVE-2000-0834.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0834", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the \"Windows 2000 Telnet Client NTLM Authentication\" vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0834", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "A091400-1", - "refsource" : "ATSTAKE", - "url" : "http://www.atstake.com/research/advisories/2000/a091400-1.txt" - }, - { - "name" : "MS00-067", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-067" - }, - { - "name" : "1683", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/1683" - }, - { - "name" : "win2k-telnet-ntlm-authentication(5242)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5242" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the \"Windows 2000 Telnet Client NTLM Authentication\" vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "A091400-1", + "refsource": "ATSTAKE", + "url": "http://www.atstake.com/research/advisories/2000/a091400-1.txt" + }, + { + "name": "win2k-telnet-ntlm-authentication(5242)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5242" + }, + { + "name": "MS00-067", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-067" + }, + { + "name": "1683", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/1683" + } + ] + } +} \ No newline at end of file diff --git a/2000/0xxx/CVE-2000-0975.json b/2000/0xxx/CVE-2000-0975.json index 7a0845c2b26..416d68e8cf1 100644 --- a/2000/0xxx/CVE-2000-0975.json +++ b/2000/0xxx/CVE-2000-0975.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-0975", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in apexec.pl in Anaconda Foundation Directory allows remote attackers to read arbitrary files via a .. (dot dot) attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-0975", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001012 Anaconda Advisory", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-10/0210.html" - }, - { - "name" : "anaconda-apexec-directory-traversal(5750)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/5750" - }, - { - "name" : "435", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/435" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in apexec.pl in Anaconda Foundation Directory allows remote attackers to read arbitrary files via a .. (dot dot) attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "435", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/435" + }, + { + "name": "20001012 Anaconda Advisory", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-10/0210.html" + }, + { + "name": "anaconda-apexec-directory-traversal(5750)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5750" + } + ] + } +} \ No newline at end of file diff --git a/2000/1xxx/CVE-2000-1150.json b/2000/1xxx/CVE-2000-1150.json index 99b76311922..5a89caef26e 100644 --- a/2000/1xxx/CVE-2000-1150.json +++ b/2000/1xxx/CVE-2000-1150.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2000-1150", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Felix IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2000-1150", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20001113 beos vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2000-11/0203.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Felix IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20001113 beos vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://archives.neohapsis.com/archives/bugtraq/2000-11/0203.html" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2098.json b/2005/2xxx/CVE-2005-2098.json index 6f963f28da4..5acbfb871c8 100644 --- a/2005/2xxx/CVE-2005-2098.json +++ b/2005/2xxx/CVE-2005-2098.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2098", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2005-2098", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5", - "refsource" : "CONFIRM", - "url" : "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5" - }, - { - "name" : "FLSA:157459-3", - "refsource" : "FEDORA", - "url" : "http://www.securityfocus.com/archive/1/427980/100/0/threaded" - }, - { - "name" : "MDKSA-2005:220", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:220" - }, - { - "name" : "RHSA-2005:514", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-514.html" - }, - { - "name" : "USN-169-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/169-1/" - }, - { - "name" : "14521", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14521" - }, - { - "name" : "oval:org.mitre.oval:def:9638", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9638" - }, - { - "name" : "16355", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16355/" - }, - { - "name" : "17073", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17073" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-169-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/169-1/" + }, + { + "name": "14521", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14521" + }, + { + "name": "MDKSA-2005:220", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:220" + }, + { + "name": "17073", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17073" + }, + { + "name": "oval:org.mitre.oval:def:9638", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9638" + }, + { + "name": "RHSA-2005:514", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-514.html" + }, + { + "name": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5", + "refsource": "CONFIRM", + "url": "http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.12.5" + }, + { + "name": "FLSA:157459-3", + "refsource": "FEDORA", + "url": "http://www.securityfocus.com/archive/1/427980/100/0/threaded" + }, + { + "name": "16355", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16355/" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2646.json b/2005/2xxx/CVE-2005-2646.json index d2f01236982..ea5c93bea97 100644 --- a/2005/2xxx/CVE-2005-2646.json +++ b/2005/2xxx/CVE-2005-2646.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2646", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to cause a denial of service or read files via unknown vectors involving crafted HTTP requests." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2646", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_008.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_008.pdf" - }, - { - "name" : "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_009.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_009.pdf" - }, - { - "name" : "1014720", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014720" - }, - { - "name" : "16467", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16467" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in Xerox MicroServer Web Server in Document Centre 220 through 265, 332 and 340, 420 through 490, and 535 through 555 allows remote attackers to cause a denial of service or read files via unknown vectors involving crafted HTTP requests." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1014720", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014720" + }, + { + "name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_008.pdf", + "refsource": "CONFIRM", + "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_008.pdf" + }, + { + "name": "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_009.pdf", + "refsource": "CONFIRM", + "url": "http://www.xerox.com/downloads/usa/en/c/cert_XRX05_009.pdf" + }, + { + "name": "16467", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16467" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2784.json b/2005/2xxx/CVE-2005-2784.json index 102a64447c4..8f8ca03639d 100644 --- a/2005/2xxx/CVE-2005-2784.json +++ b/2005/2xxx/CVE-2005-2784.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2784", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the login function for the administration login panel in cosmoshop 8.10.78 allows remote attackers to execute arbitrary SQL commands and bypass authentication via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2784", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050829 [cosmoshop <= 8.10.78] be the shopadmin in one step", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112534390600093&w=2" - }, - { - "name" : "14689", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14689" - }, - { - "name" : "16625", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16625/" - }, - { - "name" : "cosmoshop-administration-login-sql-injection(22079)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22079" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the login function for the administration login panel in cosmoshop 8.10.78 allows remote attackers to execute arbitrary SQL commands and bypass authentication via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16625", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16625/" + }, + { + "name": "20050829 [cosmoshop <= 8.10.78] be the shopadmin in one step", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112534390600093&w=2" + }, + { + "name": "14689", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14689" + }, + { + "name": "cosmoshop-administration-login-sql-injection(22079)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22079" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3149.json b/2005/3xxx/CVE-2005-3149.json index bc97d99adcd..a166f7461e6 100644 --- a/2005/3xxx/CVE-2005-3149.json +++ b/2005/3xxx/CVE-2005-3149.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3149", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3149", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[Uim] 20050928 uim-0.4.9.1 released", - "refsource" : "MLIST", - "url" : "http://lists.freedesktop.org/pipermail/uim/2005-September/001346.html" - }, - { - "name" : "[Uim] 20050928 uim 0.5.0.1 released", - "refsource" : "MLIST", - "url" : "http://lists.freedesktop.org/pipermail/uim/2005-September/001347.html" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=331620", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=331620" - }, - { - "name" : "DSA-895", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-895" - }, - { - "name" : "GLSA-200510-03", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200510-03.xml" - }, - { - "name" : "15007", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15007" - }, - { - "name" : "ADV-2005-1946", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/1946" - }, - { - "name" : "ADV-2005-1947", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/1947" - }, - { - "name" : "1015002", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015002" - }, - { - "name" : "17043", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17043" - }, - { - "name" : "17058", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17058" - }, - { - "name" : "17572", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17572" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[Uim] 20050928 uim 0.5.0.1 released", + "refsource": "MLIST", + "url": "http://lists.freedesktop.org/pipermail/uim/2005-September/001347.html" + }, + { + "name": "15007", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15007" + }, + { + "name": "ADV-2005-1947", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/1947" + }, + { + "name": "[Uim] 20050928 uim-0.4.9.1 released", + "refsource": "MLIST", + "url": "http://lists.freedesktop.org/pipermail/uim/2005-September/001346.html" + }, + { + "name": "1015002", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015002" + }, + { + "name": "17058", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17058" + }, + { + "name": "17572", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17572" + }, + { + "name": "ADV-2005-1946", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/1946" + }, + { + "name": "DSA-895", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-895" + }, + { + "name": "GLSA-200510-03", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-03.xml" + }, + { + "name": "17043", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17043" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=331620", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=331620" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3461.json b/2005/3xxx/CVE-2005-3461.json index 532b07339d9..7037a26d69d 100644 --- a/2005/3xxx/CVE-2005-3461.json +++ b/2005/3xxx/CVE-2005-3461.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3461", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.42 up to 8.45.17 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE01." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3461", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html" - }, - { - "name" : "TA05-292A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA05-292A.html" - }, - { - "name" : "VU#210524", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/210524" - }, - { - "name" : "15134", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15134" - }, - { - "name" : "17250", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17250" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.42 up to 8.45.17 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE01." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html" + }, + { + "name": "TA05-292A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA05-292A.html" + }, + { + "name": "15134", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15134" + }, + { + "name": "VU#210524", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/210524" + }, + { + "name": "17250", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17250" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3537.json b/2005/3xxx/CVE-2005-3537.json index bff8a9fc5dc..d793076d2b1 100644 --- a/2005/3xxx/CVE-2005-3537.json +++ b/2005/3xxx/CVE-2005-3537.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3537", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A \"missing request validation\" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2005-3537", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-925", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-925" - }, - { - "name" : "15246", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15246" - }, - { - "name" : "18098", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/18098" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A \"missing request validation\" error in phpBB 2 before 2.0.18 allows remote attackers to edit private messages of other users, probably by modifying certain parameters or other inputs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "15246", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15246" + }, + { + "name": "DSA-925", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-925" + }, + { + "name": "18098", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/18098" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3580.json b/2005/3xxx/CVE-2005-3580.json index 4470e0f2209..0188e5c9d55 100644 --- a/2005/3xxx/CVE-2005-3580.json +++ b/2005/3xxx/CVE-2005-3580.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QDBM before 1.8.33-r2 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "GLSA-200511-02", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200511-02.xml" - }, - { - "name" : "15120", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15120" - }, - { - "name" : "ADV-2005-2281", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2281" - }, - { - "name" : "20527", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20527" - }, - { - "name" : "17427", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17427/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QDBM before 1.8.33-r2 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "17427", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17427/" + }, + { + "name": "GLSA-200511-02", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200511-02.xml" + }, + { + "name": "ADV-2005-2281", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2281" + }, + { + "name": "20527", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20527" + }, + { + "name": "15120", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15120" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5566.json b/2007/5xxx/CVE-2007-5566.json index 71c9881f3c5..bd30dea0174 100644 --- a/2007/5xxx/CVE-2007-5566.json +++ b/2007/5xxx/CVE-2007-5566.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5566", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in PHPBlog 0.1 Alpha allow remote attackers to execute arbitrary PHP code via a URL in the blog_localpath parameter to (1) includes/functions.php or (2) includes/email.php. NOTE: this issue is disputed by CVE because the identified code is in functions that are not accessible via direct request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5566", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arfis.wordpress.com/2007/09/13/rfi-02-phpblog/", - "refsource" : "MISC", - "url" : "http://arfis.wordpress.com/2007/09/13/rfi-02-phpblog/" - }, - { - "name" : "39392", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39392" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in PHPBlog 0.1 Alpha allow remote attackers to execute arbitrary PHP code via a URL in the blog_localpath parameter to (1) includes/functions.php or (2) includes/email.php. NOTE: this issue is disputed by CVE because the identified code is in functions that are not accessible via direct request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://arfis.wordpress.com/2007/09/13/rfi-02-phpblog/", + "refsource": "MISC", + "url": "http://arfis.wordpress.com/2007/09/13/rfi-02-phpblog/" + }, + { + "name": "39392", + "refsource": "OSVDB", + "url": "http://osvdb.org/39392" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2040.json b/2009/2xxx/CVE-2009-2040.json index 986e743c3de..265f08d2c08 100644 --- a/2009/2xxx/CVE-2009-2040.json +++ b/2009/2xxx/CVE-2009-2040.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2040", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "admin/options.php in Grestul 1.2 does not properly restrict access, which allows remote attackers to bypass authentication and create administrative accounts via a manage_admin action in a direct request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2040", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "8902", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/8902" - }, - { - "name" : "35367", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35367" - }, - { - "name" : "grestul-options-security-bypass(50999)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/50999" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "admin/options.php in Grestul 1.2 does not properly restrict access, which allows remote attackers to bypass authentication and create administrative accounts via a manage_admin action in a direct request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35367", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35367" + }, + { + "name": "grestul-options-security-bypass(50999)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50999" + }, + { + "name": "8902", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/8902" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2192.json b/2009/2xxx/CVE-2009-2192.json index 69e8e5eb01d..1e0916a7258 100644 --- a/2009/2xxx/CVE-2009-2192.json +++ b/2009/2xxx/CVE-2009-2192.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2192", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly delete credentials upon signout from the preference pane, which makes it easier for attackers to hijack a MobileMe session via unspecified vectors, related to a \"logic issue.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2192", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT3757", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT3757" - }, - { - "name" : "APPLE-SA-2009-08-05-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html" - }, - { - "name" : "TA09-218A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA09-218A.html" - }, - { - "name" : "35954", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35954" - }, - { - "name" : "56839", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/56839" - }, - { - "name" : "36096", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36096" - }, - { - "name" : "ADV-2009-2172", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2172" - }, - { - "name" : "macosx-mobileme-session-hijack(52432)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/52432" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "MobileMe in Apple Mac OS X 10.5 before 10.5.8 does not properly delete credentials upon signout from the preference pane, which makes it easier for attackers to hijack a MobileMe session via unspecified vectors, related to a \"logic issue.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://support.apple.com/kb/HT3757", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT3757" + }, + { + "name": "36096", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36096" + }, + { + "name": "macosx-mobileme-session-hijack(52432)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/52432" + }, + { + "name": "56839", + "refsource": "OSVDB", + "url": "http://osvdb.org/56839" + }, + { + "name": "APPLE-SA-2009-08-05-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html" + }, + { + "name": "35954", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35954" + }, + { + "name": "ADV-2009-2172", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2172" + }, + { + "name": "TA09-218A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA09-218A.html" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2230.json b/2009/2xxx/CVE-2009-2230.json index 009f0370933..624cc29caa6 100644 --- a/2009/2xxx/CVE-2009-2230.json +++ b/2009/2xxx/CVE-2009-2230.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2230", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka MyBulletinBoard) before 1.4.7 allows remote authenticated users to execute arbitrary SQL commands via the birthdayprivacy parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2230", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9001", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9001" - }, - { - "name" : "http://blog.mybboard.net/2009/06/15/mybb-147-released-security-update/", - "refsource" : "CONFIRM", - "url" : "http://blog.mybboard.net/2009/06/15/mybb-147-released-security-update/" - }, - { - "name" : "http://mybboard.net/download/104", - "refsource" : "CONFIRM", - "url" : "http://mybboard.net/download/104" - }, - { - "name" : "35458", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/35458" - }, - { - "name" : "35517", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/35517" - }, - { - "name" : "ADV-2009-1653", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/1653" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in inc/datahandlers/user.php in MyBB (aka MyBulletinBoard) before 1.4.7 allows remote authenticated users to execute arbitrary SQL commands via the birthdayprivacy parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "35458", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/35458" + }, + { + "name": "9001", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9001" + }, + { + "name": "35517", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/35517" + }, + { + "name": "http://blog.mybboard.net/2009/06/15/mybb-147-released-security-update/", + "refsource": "CONFIRM", + "url": "http://blog.mybboard.net/2009/06/15/mybb-147-released-security-update/" + }, + { + "name": "http://mybboard.net/download/104", + "refsource": "CONFIRM", + "url": "http://mybboard.net/download/104" + }, + { + "name": "ADV-2009-1653", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/1653" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3549.json b/2009/3xxx/CVE-2009-3549.json index 02284c89312..d0b42f7d480 100644 --- a/2009/3xxx/CVE-2009-3549.json +++ b/2009/3xxx/CVE-2009-3549.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3549", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2009-3549", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html" - }, - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2009-07.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2009-07.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3689", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3689" - }, - { - "name" : "36846", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36846" - }, - { - "name" : "oval:org.mitre.oval:def:6391", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6391" - }, - { - "name" : "37175", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37175" - }, - { - "name" : "37409", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37409" - }, - { - "name" : "ADV-2009-3061", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/3061" - }, - { - "name" : "wireshark-dissectpaltalk-dos(54016)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54016" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "36846", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36846" + }, + { + "name": "ADV-2009-3061", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/3061" + }, + { + "name": "http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html" + }, + { + "name": "37409", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37409" + }, + { + "name": "oval:org.mitre.oval:def:6391", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6391" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2009-07.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2009-07.html" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3689", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3689" + }, + { + "name": "wireshark-dissectpaltalk-dos(54016)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54016" + }, + { + "name": "37175", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37175" + } + ] + } +} \ No newline at end of file diff --git a/2009/3xxx/CVE-2009-3919.json b/2009/3xxx/CVE-2009-3919.json index 77dc971a6c0..3fcac6a8c2b 100644 --- a/2009/3xxx/CVE-2009-3919.json +++ b/2009/3xxx/CVE-2009-3919.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-3919", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the NGP COO/CWP Integration (crmngp) module 6.x before 6.x-1.12 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified \"user-supplied information.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-3919", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://drupal.org/node/623506", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/623506" - }, - { - "name" : "http://drupal.org/node/623546", - "refsource" : "CONFIRM", - "url" : "http://drupal.org/node/623546" - }, - { - "name" : "36927", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36927" - }, - { - "name" : "59676", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/59676" - }, - { - "name" : "37287", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/37287" - }, - { - "name" : "ngpcoocwp-unspecified-xss(54151)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/54151" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the NGP COO/CWP Integration (crmngp) module 6.x before 6.x-1.12 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified \"user-supplied information.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://drupal.org/node/623506", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/623506" + }, + { + "name": "ngpcoocwp-unspecified-xss(54151)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54151" + }, + { + "name": "59676", + "refsource": "OSVDB", + "url": "http://osvdb.org/59676" + }, + { + "name": "37287", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/37287" + }, + { + "name": "http://drupal.org/node/623546", + "refsource": "CONFIRM", + "url": "http://drupal.org/node/623546" + }, + { + "name": "36927", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36927" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0228.json b/2015/0xxx/CVE-2015-0228.json index d00d10c18c7..df70b232426 100644 --- a/2015/0xxx/CVE-2015-0228.json +++ b/2015/0xxx/CVE-2015-0228.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0228", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-0228", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES", - "refsource" : "CONFIRM", - "url" : "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES" - }, - { - "name" : "https://github.com/apache/httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef", - "refsource" : "CONFIRM", - "url" : "https://github.com/apache/httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef" - }, - { - "name" : "http://advisories.mageia.org/MGASA-2015-0099.html", - "refsource" : "CONFIRM", - "url" : "http://advisories.mageia.org/MGASA-2015-0099.html" - }, - { - "name" : "https://support.apple.com/kb/HT205031", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT205031" - }, - { - "name" : "https://support.apple.com/HT205219", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205219" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" - }, - { - "name" : "APPLE-SA-2015-08-13-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-09-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html" - }, - { - "name" : "RHSA-2015:1666", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1666.html" - }, - { - "name" : "openSUSE-SU-2015:0418", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-03/msg00006.html" - }, - { - "name" : "USN-2523-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2523-1" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "73041", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73041" - }, - { - "name" : "1032967", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032967" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a crafted WebSocket Ping frame after a Lua script has called the wsupgrade function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2015:0418", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-03/msg00006.html" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "http://advisories.mageia.org/MGASA-2015-0099.html", + "refsource": "CONFIRM", + "url": "http://advisories.mageia.org/MGASA-2015-0099.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" + }, + { + "name": "USN-2523-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2523-1" + }, + { + "name": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES", + "refsource": "CONFIRM", + "url": "http://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x/CHANGES" + }, + { + "name": "RHSA-2015:1666", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1666.html" + }, + { + "name": "1032967", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032967" + }, + { + "name": "https://github.com/apache/httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef", + "refsource": "CONFIRM", + "url": "https://github.com/apache/httpd/commit/643f0fcf3b8ab09a68f0ecd2aa37aafeda3e63ef" + }, + { + "name": "APPLE-SA-2015-08-13-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "https://support.apple.com/kb/HT205031", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT205031" + }, + { + "name": "APPLE-SA-2015-09-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00004.html" + }, + { + "name": "https://support.apple.com/HT205219", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205219" + }, + { + "name": "73041", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73041" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0248.json b/2015/0xxx/CVE-2015-0248.json index 5394efa7aec..135b6b4fd10 100644 --- a/2015/0xxx/CVE-2015-0248.json +++ b/2015/0xxx/CVE-2015-0248.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0248", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-0248", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://subversion.apache.org/security/CVE-2015-0248-advisory.txt", - "refsource" : "CONFIRM", - "url" : "http://subversion.apache.org/security/CVE-2015-0248-advisory.txt" - }, - { - "name" : "https://support.apple.com/HT205217", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205217" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" - }, - { - "name" : "APPLE-SA-2015-09-16-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html" - }, - { - "name" : "DSA-3231", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3231" - }, - { - "name" : "GLSA-201610-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201610-05" - }, - { - "name" : "MDVSA-2015:192", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:192" - }, - { - "name" : "RHSA-2015:1633", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1633.html" - }, - { - "name" : "RHSA-2015:1742", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1742.html" - }, - { - "name" : "openSUSE-SU-2015:0672", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html" - }, - { - "name" : "USN-2721-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2721-1" - }, - { - "name" : "74260", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74260" - }, - { - "name" : "1033214", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033214" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "RHSA-2015:1742", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1742.html" + }, + { + "name": "DSA-3231", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3231" + }, + { + "name": "RHSA-2015:1633", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1633.html" + }, + { + "name": "74260", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74260" + }, + { + "name": "1033214", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033214" + }, + { + "name": "https://support.apple.com/HT205217", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205217" + }, + { + "name": "MDVSA-2015:192", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:192" + }, + { + "name": "APPLE-SA-2015-09-16-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html" + }, + { + "name": "http://subversion.apache.org/security/CVE-2015-0248-advisory.txt", + "refsource": "CONFIRM", + "url": "http://subversion.apache.org/security/CVE-2015-0248-advisory.txt" + }, + { + "name": "USN-2721-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2721-1" + }, + { + "name": "openSUSE-SU-2015:0672", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00008.html" + }, + { + "name": "GLSA-201610-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201610-05" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0573.json b/2015/0xxx/CVE-2015-0573.json index 2be4b573599..e1def031e5c 100644 --- a/2015/0xxx/CVE-2015-0573.json +++ b/2015/0xxx/CVE-2015-0573.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0573", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via a crafted application that makes a TSC_GET_CARD_STATUS ioctl call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-0573", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=e20f20aaed6b6d2fd1667bad9be9ef35103a51df", - "refsource" : "CONFIRM", - "url" : "https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=e20f20aaed6b6d2fd1667bad9be9ef35103a51df" - }, - { - "name" : "https://www.codeaurora.org/issues-tsc-tspp2-and-buspm-drivers-cve-2015-0573-cve-2016-2441-cve-2016-2442", - "refsource" : "CONFIRM", - "url" : "https://www.codeaurora.org/issues-tsc-tspp2-and-buspm-drivers-cve-2015-0573-cve-2016-2441-cve-2016-2442" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (invalid pointer dereference) or possibly have unspecified other impact via a crafted application that makes a TSC_GET_CARD_STATUS ioctl call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=e20f20aaed6b6d2fd1667bad9be9ef35103a51df", + "refsource": "CONFIRM", + "url": "https://us.codeaurora.org/cgit/quic/la//kernel/msm-3.10/commit/?id=e20f20aaed6b6d2fd1667bad9be9ef35103a51df" + }, + { + "name": "https://www.codeaurora.org/issues-tsc-tspp2-and-buspm-drivers-cve-2015-0573-cve-2016-2441-cve-2016-2442", + "refsource": "CONFIRM", + "url": "https://www.codeaurora.org/issues-tsc-tspp2-and-buspm-drivers-cve-2015-0573-cve-2016-2441-cve-2016-2442" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0905.json b/2015/0xxx/CVE-2015-0905.json index 0242461c8bd..e393c186332 100644 --- a/2015/0xxx/CVE-2015-0905.json +++ b/2015/0xxx/CVE-2015-0905.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0905", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site request forgery (CSRF) vulnerability in bBlog allows remote attackers to hijack the authentication of arbitrary users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2015-0905", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sourceforge.net/projects/bblog/", - "refsource" : "MISC", - "url" : "http://sourceforge.net/projects/bblog/" - }, - { - "name" : "JVN#71903938", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN71903938/index.html" - }, - { - "name" : "JVNDB-2015-000047", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000047" - }, - { - "name" : "1032041", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032041" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site request forgery (CSRF) vulnerability in bBlog allows remote attackers to hijack the authentication of arbitrary users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sourceforge.net/projects/bblog/", + "refsource": "MISC", + "url": "http://sourceforge.net/projects/bblog/" + }, + { + "name": "1032041", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032041" + }, + { + "name": "JVN#71903938", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN71903938/index.html" + }, + { + "name": "JVNDB-2015-000047", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000047" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0981.json b/2015/0xxx/CVE-2015-0981.json index 4ee0e999b32..625f0577a79 100644 --- a/2015/0xxx/CVE-2015-0981.json +++ b/2015/0xxx/CVE-2015-0981.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0981", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to bypass authentication and read or write to arbitrary database fields via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2015-0981", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-069-03", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-15-069-03" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to bypass authentication and read or write to arbitrary database fields via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-069-03", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-069-03" + } + ] + } +} \ No newline at end of file diff --git a/2015/1xxx/CVE-2015-1531.json b/2015/1xxx/CVE-2015-1531.json index a5a890200c6..cb254020834 100644 --- a/2015/1xxx/CVE-2015-1531.json +++ b/2015/1xxx/CVE-2015-1531.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-1531", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-1531", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4077.json b/2015/4xxx/CVE-2015-4077.json index 89caae2880c..cbaefed3a9c 100644 --- a/2015/4xxx/CVE-2015-4077.json +++ b/2015/4xxx/CVE-2015-4077.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4077", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4077", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536369/100/0/threaded" - }, - { - "name" : "45149", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/45149/" - }, - { - "name" : "20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Sep/0" - }, - { - "name" : "http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities" - }, - { - "name" : "http://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html" - }, - { - "name" : "http://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient", - "refsource" : "CONFIRM", - "url" : "http://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient" - }, - { - "name" : "http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient", - "refsource" : "CONFIRM", - "url" : "http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient" - }, - { - "name" : "1033439", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033439" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C ioctl call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities", + "refsource": "MISC", + "url": "http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities" + }, + { + "name": "http://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133398/FortiClient-Antivirus-Information-Exposure-Access-Control.html" + }, + { + "name": "45149", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/45149/" + }, + { + "name": "1033439", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033439" + }, + { + "name": "http://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient", + "refsource": "CONFIRM", + "url": "http://www.fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient" + }, + { + "name": "20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536369/100/0/threaded" + }, + { + "name": "http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient", + "refsource": "CONFIRM", + "url": "http://fortiguard.com/advisory/mulitple-vulnerabilities-in-forticlient" + }, + { + "name": "20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Sep/0" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4528.json b/2015/4xxx/CVE-2015-4528.json index d071ebbc929..668a03f7682 100644 --- a/2015/4xxx/CVE-2015-4528.json +++ b/2015/4xxx/CVE-2015-4528.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4528", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in EMC Documentum CenterStage 1.2SP1 and 1.2SP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2015-4528", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150716 ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://seclists.org/bugtraq/2015/Jul/80" - }, - { - "name" : "75929", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75929" - }, - { - "name" : "1032966", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032966" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in EMC Documentum CenterStage 1.2SP1 and 1.2SP2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "75929", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75929" + }, + { + "name": "1032966", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032966" + }, + { + "name": "20150716 ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://seclists.org/bugtraq/2015/Jul/80" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8147.json b/2015/8xxx/CVE-2015-8147.json index ebf01d117fb..2ee7ceedf6a 100644 --- a/2015/8xxx/CVE-2015-8147.json +++ b/2015/8xxx/CVE-2015-8147.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8147", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-8147. Reason: This candidate is a duplicate of CVE-2014-8147. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2014-8147 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8147", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-8147. Reason: This candidate is a duplicate of CVE-2014-8147. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2014-8147 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8296.json b/2015/8xxx/CVE-2015-8296.json index 0793c54fe56..16d89ec364d 100644 --- a/2015/8xxx/CVE-2015-8296.json +++ b/2015/8xxx/CVE-2015-8296.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8296", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-8296", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8773.json b/2015/8xxx/CVE-2015-8773.json index ac12351e58c..79934943c37 100644 --- a/2015/8xxx/CVE-2015-8773.json +++ b/2015/8xxx/CVE-2015-8773.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8773", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows attackers to cause a denial of service (system crash) via a long vault GUID in an ioctl call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8773", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160127 McAfee File Lock Driver - Kernel Stack Based BOF", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/Jan/92" - }, - { - "name" : "https://www.nettitude.co.uk/mcafee-file-lock-driver-kernel-stack-based-bof/", - "refsource" : "MISC", - "url" : "https://www.nettitude.co.uk/mcafee-file-lock-driver-kernel-stack-based-bof/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows attackers to cause a denial of service (system crash) via a long vault GUID in an ioctl call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.nettitude.co.uk/mcafee-file-lock-driver-kernel-stack-based-bof/", + "refsource": "MISC", + "url": "https://www.nettitude.co.uk/mcafee-file-lock-driver-kernel-stack-based-bof/" + }, + { + "name": "20160127 McAfee File Lock Driver - Kernel Stack Based BOF", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/Jan/92" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9045.json b/2015/9xxx/CVE-2015-9045.json index af8c9e14acc..3368a35f1d7 100644 --- a/2015/9xxx/CVE-2015-9045.json +++ b/2015/9xxx/CVE-2015-9045.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2017-07-01T00:00:00", - "ID" : "CVE-2015-9045", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "All Qualcomm products", - "version" : { - "version_data" : [ - { - "version_value" : "All Android releases from CAF using the Linux kernel" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GERAN where a buffer can be overflown while taking power measurements." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Copy without Checking Size of Input in GERAN" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2017-07-01T00:00:00", + "ID": "CVE-2015-9045", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "All Qualcomm products", + "version": { + "version_data": [ + { + "version_value": "All Android releases from CAF using the Linux kernel" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - }, - { - "name" : "99467", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/99467" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GERAN where a buffer can be overflown while taking power measurements." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Copy without Checking Size of Input in GERAN" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + }, + { + "name": "99467", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/99467" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9237.json b/2015/9xxx/CVE-2015-9237.json index 176cf2111bd..32402e7983f 100644 --- a/2015/9xxx/CVE-2015-9237.json +++ b/2015/9xxx/CVE-2015-9237.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-9237", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-9237", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5755.json b/2016/5xxx/CVE-2016-5755.json index e9aabf6dfc9..a094d9c9071 100644 --- a/2016/5xxx/CVE-2016-5755.json +++ b/2016/5xxx/CVE-2016-5755.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@microfocus.com", - "ID" : "CVE-2016-5755", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "NetIQ Access Manager", - "version" : { - "version_data" : [ - { - "version_value" : "NetIQ Access Manager" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to clickjacking attacks due to a missing SAMEORIGIN filter in the \"high encryption\" setting." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "clickjacking" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "ID": "CVE-2016-5755", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NetIQ Access Manager", + "version": { + "version_data": [ + { + "version_value": "NetIQ Access Manager" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.novell.com/support/kb/doc.php?id=7017812", - "refsource" : "CONFIRM", - "url" : "https://www.novell.com/support/kb/doc.php?id=7017812" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to clickjacking attacks due to a missing SAMEORIGIN filter in the \"high encryption\" setting." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "clickjacking" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.novell.com/support/kb/doc.php?id=7017812", + "refsource": "CONFIRM", + "url": "https://www.novell.com/support/kb/doc.php?id=7017812" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2119.json b/2018/2xxx/CVE-2018-2119.json index db318d282b5..d2cdbb54c95 100644 --- a/2018/2xxx/CVE-2018-2119.json +++ b/2018/2xxx/CVE-2018-2119.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2119", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2119", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2177.json b/2018/2xxx/CVE-2018-2177.json index 900ff603a47..940889d51a0 100644 --- a/2018/2xxx/CVE-2018-2177.json +++ b/2018/2xxx/CVE-2018-2177.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2177", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-2177", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2397.json b/2018/2xxx/CVE-2018-2397.json index 4e5f900d444..1be7ea4d98c 100644 --- a/2018/2xxx/CVE-2018-2397.json +++ b/2018/2xxx/CVE-2018-2397.json @@ -1,101 +1,101 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP Business Objects Business Intelligence Platform", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "4.00" - }, - { - "version_affected" : "=", - "version_value" : "4.10" - }, - { - "version_affected" : "=", - "version_value" : "4.20" - }, - { - "version_affected" : "=", - "version_value" : "4.30" - } - ] - } - } - ] - }, - "vendor_name" : "SAP SE" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In SAP Business Objects Business Intelligence Platform, 4.00, 4.10, 4.20, 4.30, the Central Management Console (CMC) does not sufficiently encode user controlled inputs which results in Cross-Site Scripting." - } - ] - }, - "impact" : { - "cvss" : { - "attackComplexity" : "LOW", - "attackVector" : "NETWORK", - "availabilityImpact" : "NONE", - "baseScore" : 5.4, - "baseSeverity" : "MEDIUM", - "confidentialityImpact" : "LOW", - "integrityImpact" : "LOW", - "privilegesRequired" : "LOW", - "scope" : "CHANGED", - "userInteraction" : "REQUIRED", - "vectorString" : "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", - "version" : "3.0" - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting (XSS)" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP Business Objects Business Intelligence Platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.00" + }, + { + "version_affected": "=", + "version_value": "4.10" + }, + { + "version_affected": "=", + "version_value": "4.20" + }, + { + "version_affected": "=", + "version_value": "4.30" + } + ] + } + } + ] + }, + "vendor_name": "SAP SE" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/", - "refsource" : "CONFIRM", - "url" : "https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/" - }, - { - "name" : "https://launchpad.support.sap.com/#/notes/2550538", - "refsource" : "CONFIRM", - "url" : "https://launchpad.support.sap.com/#/notes/2550538" - }, - { - "name" : "103373", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103373" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In SAP Business Objects Business Intelligence Platform, 4.00, 4.10, 4.20, 4.30, the Central Management Console (CMC) does not sufficiently encode user controlled inputs which results in Cross-Site Scripting." + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/", + "refsource": "CONFIRM", + "url": "https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/" + }, + { + "name": "https://launchpad.support.sap.com/#/notes/2550538", + "refsource": "CONFIRM", + "url": "https://launchpad.support.sap.com/#/notes/2550538" + }, + { + "name": "103373", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103373" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2692.json b/2018/2xxx/CVE-2018-2692.json index e5367eba62d..f4b6cbf3304 100644 --- a/2018/2xxx/CVE-2018-2692.json +++ b/2018/2xxx/CVE-2018-2692.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2692", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Financial Services Asset Liability Management", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "6.1.x" - }, - { - "version_affected" : "=", - "version_value" : "8.0.x" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Financial Services Asset Liability Management component of Oracle Financial Services Applications (subcomponent: User Interface). Supported versions that are affected are 6.1.x and 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Asset Liability Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Asset Liability Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Asset Liability Management accessible data as well as unauthorized read access to a subset of Oracle Financial Services Asset Liability Management accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Asset Liability Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Asset Liability Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Asset Liability Management accessible data as well as unauthorized read access to a subset of Oracle Financial Services Asset Liability Management accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2692", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Financial Services Asset Liability Management", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "6.1.x" + }, + { + "version_affected": "=", + "version_value": "8.0.x" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "102621", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102621" - }, - { - "name" : "1040214", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040214" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Financial Services Asset Liability Management component of Oracle Financial Services Applications (subcomponent: User Interface). Supported versions that are affected are 6.1.x and 8.0.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Asset Liability Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Asset Liability Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Asset Liability Management accessible data as well as unauthorized read access to a subset of Oracle Financial Services Asset Liability Management accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Financial Services Asset Liability Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Asset Liability Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Asset Liability Management accessible data as well as unauthorized read access to a subset of Oracle Financial Services Asset Liability Management accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "1040214", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040214" + }, + { + "name": "102621", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102621" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2825.json b/2018/2xxx/CVE-2018-2825.json index 740dc6e66c5..8ba36ffaad3 100644 --- a/2018/2xxx/CVE-2018-2825.json +++ b/2018/2xxx/CVE-2018-2825.json @@ -1,88 +1,88 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2825", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Java", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "Java SE: 10" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2825", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Java", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "Java SE: 10" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20180419-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20180419-0001/" - }, - { - "name" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", - "refsource" : "CONFIRM", - "url" : "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" - }, - { - "name" : "USN-3747-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3747-1/" - }, - { - "name" : "103782", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103782" - }, - { - "name" : "1040697", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040697" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). The supported version that is affected is Java SE: 10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1040697", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040697" + }, + { + "name": "USN-3747-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3747-1/" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20180419-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20180419-0001/" + }, + { + "name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0", + "refsource": "CONFIRM", + "url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + }, + { + "name": "103782", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103782" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6307.json b/2018/6xxx/CVE-2018-6307.json index effcf927d9d..a55ac2b7fb8 100644 --- a/2018/6xxx/CVE-2018-6307.json +++ b/2018/6xxx/CVE-2018-6307.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vulnerability@kaspersky.com", - "ID" : "CVE-2018-6307", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "LibVNC", - "version" : { - "version_data" : [ - { - "version_value" : "commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Heap Use-After-Free" - } + "CVE_data_meta": { + "ASSIGNER": "vulnerability@kaspersky.com", + "ID": "CVE-2018-6307", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "LibVNC", + "version": { + "version_data": [ + { + "version_value": "commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20181227 [SECURITY] [DLA 1617-1] libvncserver security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html" - }, - { - "name" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-026-libvnc-heap-use-after-free/", - "refsource" : "MISC", - "url" : "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-026-libvnc-heap-use-after-free/" - }, - { - "name" : "DSA-4383", - "refsource" : "DEBIAN", - "url" : "https://www.debian.org/security/2019/dsa-4383" - }, - { - "name" : "USN-3877-1", - "refsource" : "UBUNTU", - "url" : "https://usn.ubuntu.com/3877-1/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap Use-After-Free" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-026-libvnc-heap-use-after-free/", + "refsource": "MISC", + "url": "https://ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-026-libvnc-heap-use-after-free/" + }, + { + "name": "DSA-4383", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2019/dsa-4383" + }, + { + "name": "[debian-lts-announce] 20181227 [SECURITY] [DLA 1617-1] libvncserver security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html" + }, + { + "name": "USN-3877-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3877-1/" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6391.json b/2018/6xxx/CVE-2018-6391.json index 17450e4698e..ffc0beee763 100644 --- a/2018/6xxx/CVE-2018-6391.json +++ b/2018/6xxx/CVE-2018-6391.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6391", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A cross-site request forgery web vulnerability has been discovered on Netis WF2419 V2.2.36123 devices. A remote attacker is able to delete Address Reservation List settings." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6391", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "43919", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/43919/" - }, - { - "name" : "https://0day.today/exploit/29659", - "refsource" : "MISC", - "url" : "https://0day.today/exploit/29659" - }, - { - "name" : "https://packetstormsecurity.com/files/146117/netiswf2419-xsrf.txt", - "refsource" : "MISC", - "url" : "https://packetstormsecurity.com/files/146117/netiswf2419-xsrf.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A cross-site request forgery web vulnerability has been discovered on Netis WF2419 V2.2.36123 devices. A remote attacker is able to delete Address Reservation List settings." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://packetstormsecurity.com/files/146117/netiswf2419-xsrf.txt", + "refsource": "MISC", + "url": "https://packetstormsecurity.com/files/146117/netiswf2419-xsrf.txt" + }, + { + "name": "43919", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/43919/" + }, + { + "name": "https://0day.today/exploit/29659", + "refsource": "MISC", + "url": "https://0day.today/exploit/29659" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6836.json b/2018/6xxx/CVE-2018-6836.json index 46f3706fd97..05cb8cc8d53 100644 --- a/2018/6xxx/CVE-2018-6836.json +++ b/2018/6xxx/CVE-2018-6836.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6836", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6836", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14397", - "refsource" : "MISC", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14397" - }, - { - "name" : "https://code.wireshark.org/review/#/c/25660/", - "refsource" : "MISC", - "url" : "https://code.wireshark.org/review/#/c/25660/" - }, - { - "name" : "https://code.wireshark.org/review/#/c/25660/2/wiretap/netmon.c", - "refsource" : "MISC", - "url" : "https://code.wireshark.org/review/#/c/25660/2/wiretap/netmon.c" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28960d79cca262ac6b974f339697b299a1e28fef", - "refsource" : "MISC", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28960d79cca262ac6b974f339697b299a1e28fef" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://code.wireshark.org/review/#/c/25660/2/wiretap/netmon.c", + "refsource": "MISC", + "url": "https://code.wireshark.org/review/#/c/25660/2/wiretap/netmon.c" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28960d79cca262ac6b974f339697b299a1e28fef", + "refsource": "MISC", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=28960d79cca262ac6b974f339697b299a1e28fef" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14397", + "refsource": "MISC", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14397" + }, + { + "name": "https://code.wireshark.org/review/#/c/25660/", + "refsource": "MISC", + "url": "https://code.wireshark.org/review/#/c/25660/" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6878.json b/2018/6xxx/CVE-2018-6878.json index e1cd2bbab98..7ff70f8372f 100644 --- a/2018/6xxx/CVE-2018-6878.json +++ b/2018/6xxx/CVE-2018-6878.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6878", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross Site Scripting (XSS) exists in the review section in PHP Scripts Mall Hot Scripts Clone Script Classified 3.1 via the title or description field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6878", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "43991", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/43991/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross Site Scripting (XSS) exists in the review section in PHP Scripts Mall Hot Scripts Clone Script Classified 3.1 via the title or description field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "43991", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/43991/" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7273.json b/2018/7xxx/CVE-2018-7273.json index 554c5d22868..a6ba1c91e59 100644 --- a/2018/7xxx/CVE-2018-7273.json +++ b/2018/7xxx/CVE-2018-7273.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7273", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel code and data and bypass kernel security protections such as KASLR." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7273", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44325", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44325/" - }, - { - "name" : "https://lkml.org/lkml/2018/2/20/669", - "refsource" : "MISC", - "url" : "https://lkml.org/lkml/2018/2/20/669" - }, - { - "name" : "103088", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103088" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel code and data and bypass kernel security protections such as KASLR." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://lkml.org/lkml/2018/2/20/669", + "refsource": "MISC", + "url": "https://lkml.org/lkml/2018/2/20/669" + }, + { + "name": "44325", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44325/" + }, + { + "name": "103088", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103088" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7578.json b/2018/7xxx/CVE-2018-7578.json index f7d124f922b..4fd97276fe8 100644 --- a/2018/7xxx/CVE-2018-7578.json +++ b/2018/7xxx/CVE-2018-7578.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7578", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7578", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7753.json b/2018/7xxx/CVE-2018-7753.json index 86d88d6b833..68bbd9acc8d 100644 --- a/2018/7xxx/CVE-2018-7753.json +++ b/2018/7xxx/CVE-2018-7753.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7753", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that have URI values weren't properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7753", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.debian.org/892252", - "refsource" : "MISC", - "url" : "https://bugs.debian.org/892252" - }, - { - "name" : "https://github.com/mozilla/bleach/commit/c5df5789ec3471a31311f42c2d19fc2cf21b35ef", - "refsource" : "MISC", - "url" : "https://github.com/mozilla/bleach/commit/c5df5789ec3471a31311f42c2d19fc2cf21b35ef" - }, - { - "name" : "https://github.com/mozilla/bleach/releases/tag/v2.1.3", - "refsource" : "MISC", - "url" : "https://github.com/mozilla/bleach/releases/tag/v2.1.3" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that have URI values weren't properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/mozilla/bleach/releases/tag/v2.1.3", + "refsource": "MISC", + "url": "https://github.com/mozilla/bleach/releases/tag/v2.1.3" + }, + { + "name": "https://github.com/mozilla/bleach/commit/c5df5789ec3471a31311f42c2d19fc2cf21b35ef", + "refsource": "MISC", + "url": "https://github.com/mozilla/bleach/commit/c5df5789ec3471a31311f42c2d19fc2cf21b35ef" + }, + { + "name": "https://bugs.debian.org/892252", + "refsource": "MISC", + "url": "https://bugs.debian.org/892252" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7969.json b/2018/7xxx/CVE-2018-7969.json index 50430dce43d..b066e37471f 100644 --- a/2018/7xxx/CVE-2018-7969.json +++ b/2018/7xxx/CVE-2018-7969.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7969", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-7969", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1431.json b/2019/1xxx/CVE-2019-1431.json index 157ef306000..0cbd75d8783 100644 --- a/2019/1xxx/CVE-2019-1431.json +++ b/2019/1xxx/CVE-2019-1431.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1431", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1431", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1843.json b/2019/1xxx/CVE-2019-1843.json index 840ae443c7a..7c988124c13 100644 --- a/2019/1xxx/CVE-2019-1843.json +++ b/2019/1xxx/CVE-2019-1843.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1843", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1843", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1929.json b/2019/1xxx/CVE-2019-1929.json index f3d65ff9ab8..0cc32e04814 100644 --- a/2019/1xxx/CVE-2019-1929.json +++ b/2019/1xxx/CVE-2019-1929.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1929", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1929", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5124.json b/2019/5xxx/CVE-2019-5124.json index a4abb146ba5..2ff6d1ca14a 100644 --- a/2019/5xxx/CVE-2019-5124.json +++ b/2019/5xxx/CVE-2019-5124.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5124", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5124", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5198.json b/2019/5xxx/CVE-2019-5198.json index c8c007d4cf0..05e81c6617c 100644 --- a/2019/5xxx/CVE-2019-5198.json +++ b/2019/5xxx/CVE-2019-5198.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5198", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5198", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5250.json b/2019/5xxx/CVE-2019-5250.json index 3f87d067d4e..e14e1798745 100644 --- a/2019/5xxx/CVE-2019-5250.json +++ b/2019/5xxx/CVE-2019-5250.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5250", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5250", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5700.json b/2019/5xxx/CVE-2019-5700.json index 2d91a1a48c2..c1c6343f912 100644 --- a/2019/5xxx/CVE-2019-5700.json +++ b/2019/5xxx/CVE-2019-5700.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5700", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5700", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file