diff --git a/2006/5xxx/CVE-2006-5130.json b/2006/5xxx/CVE-2006-5130.json index 4b5b8dcbc15..cb59085002a 100644 --- a/2006/5xxx/CVE-2006-5130.json +++ b/2006/5xxx/CVE-2006-5130.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5130", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just another flat file (JAF) CMS 4.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) url, (3) title, and (4) about parameters in a forum post. NOTE: the provenance of this information is unknown; the details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5130", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "22143", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22143" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in ph03y3nk just another flat file (JAF) CMS 4.0 RC1 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) url, (3) title, and (4) about parameters in a forum post. NOTE: the provenance of this information is unknown; the details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "22143", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22143" + } + ] + } +} \ No newline at end of file diff --git a/2006/5xxx/CVE-2006-5541.json b/2006/5xxx/CVE-2006-5541.json index a00d2741f93..8d4345ee258 100644 --- a/2006/5xxx/CVE-2006-5541.json +++ b/2006/5xxx/CVE-2006-5541.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5541", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "backend/parser/parse_coerce.c in PostgreSQL 7.4.1 through 7.4.14, 8.0.x before 8.0.9, and 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via a coercion of an unknown element to ANYARRAY." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5541", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://projects.commandprompt.com/public/pgsql/changeset/26457", - "refsource" : "CONFIRM", - "url" : "http://projects.commandprompt.com/public/pgsql/changeset/26457" - }, - { - "name" : "http://www.postgresql.org/about/news.664", - "refsource" : "CONFIRM", - "url" : "http://www.postgresql.org/about/news.664" - }, - { - "name" : "http://support.novell.com/techcenter/psdb/59650c03a8bc5ae310cd7898bd106ad2.html", - "refsource" : "CONFIRM", - "url" : "http://support.novell.com/techcenter/psdb/59650c03a8bc5ae310cd7898bd106ad2.html" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm" - }, - { - "name" : "MDKSA-2006:194", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2006:194" - }, - { - "name" : "RHSA-2007:0067", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0067.html" - }, - { - "name" : "RHSA-2007:0068", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0068.html" - }, - { - "name" : "SUSE-SR:2006:027", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_27_sr.html" - }, - { - "name" : "2006-0059", - "refsource" : "TRUSTIX", - "url" : "http://www.trustix.org/errata/2006/0059/" - }, - { - "name" : "USN-369-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-369-1" - }, - { - "name" : "USN-369-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-369-2" - }, - { - "name" : "20717", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20717" - }, - { - "name" : "oval:org.mitre.oval:def:10905", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10905" - }, - { - "name" : "ADV-2006-4182", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/4182" - }, - { - "name" : "1017115", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017115" - }, - { - "name" : "22562", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22562" - }, - { - "name" : "22584", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22584" - }, - { - "name" : "22636", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22636" - }, - { - "name" : "22606", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/22606" - }, - { - "name" : "23048", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23048" - }, - { - "name" : "23132", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23132" - }, - { - "name" : "24577", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24577" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "backend/parser/parse_coerce.c in PostgreSQL 7.4.1 through 7.4.14, 8.0.x before 8.0.9, and 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via a coercion of an unknown element to ANYARRAY." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MDKSA-2006:194", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:194" + }, + { + "name": "USN-369-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-369-2" + }, + { + "name": "1017115", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017115" + }, + { + "name": "http://projects.commandprompt.com/public/pgsql/changeset/26457", + "refsource": "CONFIRM", + "url": "http://projects.commandprompt.com/public/pgsql/changeset/26457" + }, + { + "name": "RHSA-2007:0068", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0068.html" + }, + { + "name": "ADV-2006-4182", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/4182" + }, + { + "name": "22606", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22606" + }, + { + "name": "http://support.novell.com/techcenter/psdb/59650c03a8bc5ae310cd7898bd106ad2.html", + "refsource": "CONFIRM", + "url": "http://support.novell.com/techcenter/psdb/59650c03a8bc5ae310cd7898bd106ad2.html" + }, + { + "name": "http://www.postgresql.org/about/news.664", + "refsource": "CONFIRM", + "url": "http://www.postgresql.org/about/news.664" + }, + { + "name": "oval:org.mitre.oval:def:10905", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10905" + }, + { + "name": "23048", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23048" + }, + { + "name": "24577", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24577" + }, + { + "name": "SUSE-SR:2006:027", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_27_sr.html" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm" + }, + { + "name": "23132", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23132" + }, + { + "name": "USN-369-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-369-1" + }, + { + "name": "22636", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22636" + }, + { + "name": "RHSA-2007:0067", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0067.html" + }, + { + "name": "2006-0059", + "refsource": "TRUSTIX", + "url": "http://www.trustix.org/errata/2006/0059/" + }, + { + "name": "22562", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22562" + }, + { + "name": "22584", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/22584" + }, + { + "name": "20717", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20717" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2000.json b/2007/2xxx/CVE-2007-2000.json index 63119fb950f..afdf40efa3d 100644 --- a/2007/2xxx/CVE-2007-2000.json +++ b/2007/2xxx/CVE-2007-2000.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2000", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in admin/admin.php in Crea-Book 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pseudo or (2) passe parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2000", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3701", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3701" - }, - { - "name" : "ADV-2007-1344", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1344" - }, - { - "name" : "34816", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34816" - }, - { - "name" : "24862", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24862" - }, - { - "name" : "creabook-admin-sql-injection(33555)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33555" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in admin/admin.php in Crea-Book 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) pseudo or (2) passe parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3701", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3701" + }, + { + "name": "ADV-2007-1344", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1344" + }, + { + "name": "creabook-admin-sql-injection(33555)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33555" + }, + { + "name": "24862", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24862" + }, + { + "name": "34816", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34816" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2716.json b/2007/2xxx/CVE-2007-2716.json index a6a88b50518..b5e8201c868 100644 --- a/2007/2xxx/CVE-2007-2716.json +++ b/2007/2xxx/CVE-2007-2716.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2716", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in EQdkp 1.3.2c and earlier allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) listmembers.php and (2) stats.php. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2716", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070512 Cross-site Scripting in EQDKP 1.3.2c and prior", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=117901012506948&w=2" - }, - { - "name" : "20070512 Re: Cross-site Scripting in EQDKP 1.3.2c and prior", - "refsource" : "FULLDISC", - "url" : "http://marc.info/?l=full-disclosure&m=117901106013812&w=2" - }, - { - "name" : "23951", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23951" - }, - { - "name" : "36051", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36051" - }, - { - "name" : "36052", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36052" - }, - { - "name" : "25249", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25249" - }, - { - "name" : "eqdkp-show-xss(34335)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34335" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in EQdkp 1.3.2c and earlier allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) listmembers.php and (2) stats.php. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25249", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25249" + }, + { + "name": "36052", + "refsource": "OSVDB", + "url": "http://osvdb.org/36052" + }, + { + "name": "23951", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23951" + }, + { + "name": "20070512 Re: Cross-site Scripting in EQDKP 1.3.2c and prior", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=117901106013812&w=2" + }, + { + "name": "20070512 Cross-site Scripting in EQDKP 1.3.2c and prior", + "refsource": "FULLDISC", + "url": "http://marc.info/?l=full-disclosure&m=117901012506948&w=2" + }, + { + "name": "eqdkp-show-xss(34335)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34335" + }, + { + "name": "36051", + "refsource": "OSVDB", + "url": "http://osvdb.org/36051" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3181.json b/2007/3xxx/CVE-2007-3181.json index 7709a2d5b34..da9daae9f82 100644 --- a/2007/3xxx/CVE-2007-3181.json +++ b/2007/3xxx/CVE-2007-3181.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3181", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to \"an InterBase version of gds32.dll.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3181", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://dvlabs.tippingpoint.com/advisory/TPTI-07-11", - "refsource" : "MISC", - "url" : "http://dvlabs.tippingpoint.com/advisory/TPTI-07-11" - }, - { - "name" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf", - "refsource" : "CONFIRM", - "url" : "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf" - }, - { - "name" : "DSA-1529", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1529" - }, - { - "name" : "GLSA-200707-01", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200707-01.xml" - }, - { - "name" : "24436", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24436" - }, - { - "name" : "37231", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37231" - }, - { - "name" : "ADV-2007-2149", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2149" - }, - { - "name" : "25601", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25601" - }, - { - "name" : "25872", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25872" - }, - { - "name" : "29501", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29501" - }, - { - "name" : "firebird-fbserver-bo(34833)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34833" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to \"an InterBase version of gds32.dll.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24436", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24436" + }, + { + "name": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf", + "refsource": "CONFIRM", + "url": "http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf" + }, + { + "name": "37231", + "refsource": "OSVDB", + "url": "http://osvdb.org/37231" + }, + { + "name": "25601", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25601" + }, + { + "name": "firebird-fbserver-bo(34833)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34833" + }, + { + "name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-11", + "refsource": "MISC", + "url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-11" + }, + { + "name": "GLSA-200707-01", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200707-01.xml" + }, + { + "name": "ADV-2007-2149", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2149" + }, + { + "name": "29501", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29501" + }, + { + "name": "25872", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25872" + }, + { + "name": "DSA-1529", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1529" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3435.json b/2007/3xxx/CVE-2007-3435.json index e0034b456b1..c8e9082a107 100644 --- a/2007/3xxx/CVE-2007-3435.json +++ b/2007/3xxx/CVE-2007-3435.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3435", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the BeginPrint method in a certain ActiveX control in RKD Software (barcodetools.com) BarCodeAx.dll 4.9 allows remote attackers to execute arbitrary code via a long argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3435", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070623 [GOODFELLAS - VULN] BarCodeAx.dll v. 4.9 ActiveX Control RemoteStack Buffer Overflow", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/472189/100/0/threaded" - }, - { - "name" : "4094", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4094" - }, - { - "name" : "http://goodfellas.shellcode.com.ar/own/VULWAR200706223.txt", - "refsource" : "MISC", - "url" : "http://goodfellas.shellcode.com.ar/own/VULWAR200706223.txt" - }, - { - "name" : "24596", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24596" - }, - { - "name" : "37482", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37482" - }, - { - "name" : "ADV-2007-2305", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2305" - }, - { - "name" : "25788", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25788" - }, - { - "name" : "barcodeax-activex-beginprint-bo(35011)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35011" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the BeginPrint method in a certain ActiveX control in RKD Software (barcodetools.com) BarCodeAx.dll 4.9 allows remote attackers to execute arbitrary code via a long argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24596", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24596" + }, + { + "name": "ADV-2007-2305", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2305" + }, + { + "name": "http://goodfellas.shellcode.com.ar/own/VULWAR200706223.txt", + "refsource": "MISC", + "url": "http://goodfellas.shellcode.com.ar/own/VULWAR200706223.txt" + }, + { + "name": "barcodeax-activex-beginprint-bo(35011)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35011" + }, + { + "name": "4094", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4094" + }, + { + "name": "37482", + "refsource": "OSVDB", + "url": "http://osvdb.org/37482" + }, + { + "name": "25788", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25788" + }, + { + "name": "20070623 [GOODFELLAS - VULN] BarCodeAx.dll v. 4.9 ActiveX Control RemoteStack Buffer Overflow", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/472189/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3487.json b/2007/3xxx/CVE-2007-3487.json index 228eb34609d..1a4c64f91f8 100644 --- a/2007/3xxx/CVE-2007-3487.json +++ b/2007/3xxx/CVE-2007-3487.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3487", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Absolute path traversal in a certain ActiveX control in hpqxml.dll 2.0.0.133 in Hewlett-Packard (HP) Photo Digital Imaging allows remote attackers to create or overwrite arbitrary files via the argument to the saveXMLAsFile method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3487", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070627 [GOODFELLAS - VULN] hpqxml.dll 2.0.0.133 from HP Digital ImagingArbitary Data Write.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/472384/100/0/threaded" - }, - { - "name" : "4119", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4119" - }, - { - "name" : "37675", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37675" - }, - { - "name" : "25869", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25869" - }, - { - "name" : "2846", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2846" - }, - { - "name" : "hp-photodigitalimaging-hpqxml-file-overwrite(35124)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35124" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Absolute path traversal in a certain ActiveX control in hpqxml.dll 2.0.0.133 in Hewlett-Packard (HP) Photo Digital Imaging allows remote attackers to create or overwrite arbitrary files via the argument to the saveXMLAsFile method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37675", + "refsource": "OSVDB", + "url": "http://osvdb.org/37675" + }, + { + "name": "hp-photodigitalimaging-hpqxml-file-overwrite(35124)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35124" + }, + { + "name": "2846", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2846" + }, + { + "name": "20070627 [GOODFELLAS - VULN] hpqxml.dll 2.0.0.133 from HP Digital ImagingArbitary Data Write.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/472384/100/0/threaded" + }, + { + "name": "25869", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25869" + }, + { + "name": "4119", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4119" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3543.json b/2007/3xxx/CVE-2007-3543.json index 2fbd7daf82e..5ec5ea270ac 100644 --- a/2007/3xxx/CVE-2007-3543.json +++ b/2007/3xxx/CVE-2007-3543.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3543", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the _wp_attached_file metadata field; and then sending this file's content, along with its post_ID value, to (1) wp-app.php or (2) app.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3543", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.buayacorp.com/files/wordpress/wordpress-advisory.html", - "refsource" : "MISC", - "url" : "http://www.buayacorp.com/files/wordpress/wordpress-advisory.html" - }, - { - "name" : "http://trac.mu.wordpress.org/changeset/1005", - "refsource" : "CONFIRM", - "url" : "http://trac.mu.wordpress.org/changeset/1005" - }, - { - "name" : "24642", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24642" - }, - { - "name" : "37295", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37295" - }, - { - "name" : "25794", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25794" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the _wp_attached_file metadata field; and then sending this file's content, along with its post_ID value, to (1) wp-app.php or (2) app.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "25794", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25794" + }, + { + "name": "24642", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24642" + }, + { + "name": "37295", + "refsource": "OSVDB", + "url": "http://osvdb.org/37295" + }, + { + "name": "http://www.buayacorp.com/files/wordpress/wordpress-advisory.html", + "refsource": "MISC", + "url": "http://www.buayacorp.com/files/wordpress/wordpress-advisory.html" + }, + { + "name": "http://trac.mu.wordpress.org/changeset/1005", + "refsource": "CONFIRM", + "url": "http://trac.mu.wordpress.org/changeset/1005" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6241.json b/2007/6xxx/CVE-2007-6241.json index 8d20b6fe458..690b5a315bb 100644 --- a/2007/6xxx/CVE-2007-6241.json +++ b/2007/6xxx/CVE-2007-6241.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6241", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Beehive Forum 0.7.1 have unknown \"critical\" impact and attack vectors, different issues than CVE-2007-6014." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6241", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.beehiveforum.net/news.php", - "refsource" : "CONFIRM", - "url" : "http://www.beehiveforum.net/news.php" - }, - { - "name" : "27909", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27909" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Beehive Forum 0.7.1 have unknown \"critical\" impact and attack vectors, different issues than CVE-2007-6014." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.beehiveforum.net/news.php", + "refsource": "CONFIRM", + "url": "http://www.beehiveforum.net/news.php" + }, + { + "name": "27909", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27909" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6422.json b/2007/6xxx/CVE-2007-6422.json index e7e8362c447..9452ffc44a3 100644 --- a/2007/6xxx/CVE-2007-6422.json +++ b/2007/6xxx/CVE-2007-6422.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6422", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6422", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080110 SecurityReason - Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/486169/100/0/threaded" - }, - { - "name" : "http://httpd.apache.org/security/vulnerabilities_22.html", - "refsource" : "CONFIRM", - "url" : "http://httpd.apache.org/security/vulnerabilities_22.html" - }, - { - "name" : "FEDORA-2008-1695", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html" - }, - { - "name" : "FEDORA-2008-1711", - "refsource" : "FEDORA", - "url" : "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html" - }, - { - "name" : "GLSA-200803-19", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-200803-19.xml" - }, - { - "name" : "MDVSA-2008:016", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:016" - }, - { - "name" : "RHSA-2008:0008", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0008.html" - }, - { - "name" : "RHSA-2008:0009", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2008-0009.html" - }, - { - "name" : "SUSE-SA:2008:021", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html" - }, - { - "name" : "USN-575-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-575-1" - }, - { - "name" : "27236", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27236" - }, - { - "name" : "oval:org.mitre.oval:def:10181", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10181" - }, - { - "name" : "oval:org.mitre.oval:def:8690", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8690" - }, - { - "name" : "ADV-2008-0048", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/0048" - }, - { - "name" : "28526", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28526" - }, - { - "name" : "28749", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28749" - }, - { - "name" : "28977", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28977" - }, - { - "name" : "29348", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29348" - }, - { - "name" : "29640", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29640" - }, - { - "name" : "3523", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3523" - }, - { - "name" : "apache-modproxybalancer-dos(39476)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39476" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The balancer_handler function in mod_proxy_balancer in the Apache HTTP Server 2.2.0 through 2.2.6, when a threaded Multi-Processing Module is used, allows remote authenticated users to cause a denial of service (child process crash) via an invalid bb variable." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200803-19", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-200803-19.xml" + }, + { + "name": "28749", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28749" + }, + { + "name": "3523", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3523" + }, + { + "name": "FEDORA-2008-1695", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00562.html" + }, + { + "name": "28526", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28526" + }, + { + "name": "oval:org.mitre.oval:def:10181", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10181" + }, + { + "name": "27236", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27236" + }, + { + "name": "RHSA-2008:0008", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0008.html" + }, + { + "name": "FEDORA-2008-1711", + "refsource": "FEDORA", + "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00541.html" + }, + { + "name": "RHSA-2008:0009", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2008-0009.html" + }, + { + "name": "http://httpd.apache.org/security/vulnerabilities_22.html", + "refsource": "CONFIRM", + "url": "http://httpd.apache.org/security/vulnerabilities_22.html" + }, + { + "name": "ADV-2008-0048", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/0048" + }, + { + "name": "29348", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29348" + }, + { + "name": "SUSE-SA:2008:021", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00004.html" + }, + { + "name": "20080110 SecurityReason - Apache2 CSRF, XSS, Memory Corruption and Denial of Service Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/486169/100/0/threaded" + }, + { + "name": "oval:org.mitre.oval:def:8690", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8690" + }, + { + "name": "apache-modproxybalancer-dos(39476)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39476" + }, + { + "name": "USN-575-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-575-1" + }, + { + "name": "29640", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29640" + }, + { + "name": "28977", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28977" + }, + { + "name": "MDVSA-2008:016", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:016" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6552.json b/2007/6xxx/CVE-2007-6552.json index 1e4b03c30a1..49cdc35be90 100644 --- a/2007/6xxx/CVE-2007-6552.json +++ b/2007/6xxx/CVE-2007-6552.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6552", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/admin_users.php to bypass a protection mechanism against direct request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6552", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4786", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4786" - }, - { - "name" : "http://newhack.org/advisories/AuraCMS-2.2-RemoteAddAdmin.txt", - "refsource" : "MISC", - "url" : "http://newhack.org/advisories/AuraCMS-2.2-RemoteAddAdmin.txt" - }, - { - "name" : "27037", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27037" - }, - { - "name" : "39804", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39804" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in index.php in AuraCMS 2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the act parameter, possibly involving the news pilih component; as demonstrated by including admin/admin_users.php to bypass a protection mechanism against direct request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://newhack.org/advisories/AuraCMS-2.2-RemoteAddAdmin.txt", + "refsource": "MISC", + "url": "http://newhack.org/advisories/AuraCMS-2.2-RemoteAddAdmin.txt" + }, + { + "name": "39804", + "refsource": "OSVDB", + "url": "http://osvdb.org/39804" + }, + { + "name": "4786", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4786" + }, + { + "name": "27037", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27037" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6576.json b/2007/6xxx/CVE-2007-6576.json index 96bb1eec223..89a65bd4019 100644 --- a/2007/6xxx/CVE-2007-6576.json +++ b/2007/6xxx/CVE-2007-6576.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6576", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6576", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4775", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4775" - }, - { - "name" : "http://www.inj3ct-it.org/exploit/adultscript.txt", - "refsource" : "MISC", - "url" : "http://www.inj3ct-it.org/exploit/adultscript.txt" - }, - { - "name" : "26996", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26996" - }, - { - "name" : "39621", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39621" - }, - { - "name" : "39622", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39622" - }, - { - "name" : "28165", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/28165" - }, - { - "name" : "adultscript-id-sql-injection(39229)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39229" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Adult Script 1.6.5 and earlier allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) videolink_count.php or (2) links.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "adultscript-id-sql-injection(39229)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39229" + }, + { + "name": "39621", + "refsource": "OSVDB", + "url": "http://osvdb.org/39621" + }, + { + "name": "39622", + "refsource": "OSVDB", + "url": "http://osvdb.org/39622" + }, + { + "name": "26996", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26996" + }, + { + "name": "28165", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/28165" + }, + { + "name": "http://www.inj3ct-it.org/exploit/adultscript.txt", + "refsource": "MISC", + "url": "http://www.inj3ct-it.org/exploit/adultscript.txt" + }, + { + "name": "4775", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4775" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6590.json b/2007/6xxx/CVE-2007-6590.json index 954dc4b2c95..48fa5db6bfd 100644 --- a/2007/6xxx/CVE-2007-6590.json +++ b/2007/6xxx/CVE-2007-6590.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6590", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2809. Reason: This candidate is a duplicate of CVE-2008-2809. Notes: All CVE users should reference CVE-2008-2809 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2007-6590", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2809. Reason: This candidate is a duplicate of CVE-2008-2809. Notes: All CVE users should reference CVE-2008-2809 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0497.json b/2010/0xxx/CVE-2010-0497.json index fdccbb3c416..b207b0baa1a 100644 --- a/2010/0xxx/CVE-2010-0497.json +++ b/2010/0xxx/CVE-2010-0497.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0497", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Disk Images in Apple Mac OS X before 10.6.3 does not provide the expected warning for an unsafe file type in an internet enabled disk image, which makes it easier for user-assisted remote attackers to execute arbitrary code via a package file type." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2010-0497", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT4077", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT4077" - }, - { - "name" : "APPLE-SA-2010-03-29-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Disk Images in Apple Mac OS X before 10.6.3 does not provide the expected warning for an unsafe file type in an internet enabled disk image, which makes it easier for user-assisted remote attackers to execute arbitrary code via a package file type." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2010-03-29-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html" + }, + { + "name": "http://support.apple.com/kb/HT4077", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT4077" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0900.json b/2010/0xxx/CVE-2010-0900.json index cd09c546af3..298b1ec2bf2 100644 --- a/2010/0xxx/CVE-2010-0900.json +++ b/2010/0xxx/CVE-2010-0900.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0900", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Network Layer component in Oracle Database Server 9.2.0.8, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1, when running on Windows, allows remote attackers to affect availability via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-0900", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Network Layer component in Oracle Database Server 9.2.0.8, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1, when running on Windows, allows remote attackers to affect availability via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1008.json b/2010/1xxx/CVE-2010-1008.json index e23f751defb..b5ad057a1c1 100644 --- a/2010/1xxx/CVE-2010-1008.json +++ b/2010/1xxx/CVE-2010-1008.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1008", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Sellector.com Widget Integration (chsellector) extension before 0.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1008", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://typo3.org/extensions/repository/view/chsellector/0.1.2/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/extensions/repository/view/chsellector/0.1.2/" - }, - { - "name" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/", - "refsource" : "CONFIRM", - "url" : "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/" - }, - { - "name" : "38816", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38816" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Sellector.com Widget Integration (chsellector) extension before 0.1.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38816", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38816" + }, + { + "name": "http://typo3.org/extensions/repository/view/chsellector/0.1.2/", + "refsource": "CONFIRM", + "url": "http://typo3.org/extensions/repository/view/chsellector/0.1.2/" + }, + { + "name": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/", + "refsource": "CONFIRM", + "url": "http://typo3.org/teams/security/security-bulletins/typo3-sa-2010-006/" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1289.json b/2010/1xxx/CVE-2010-1289.json index 9dc1f45532a..8a8464cdf21 100644 --- a/2010/1xxx/CVE-2010-1289.json +++ b/2010/1xxx/CVE-2010-1289.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1289", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2010-1289", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.adobe.com/support/security/bulletins/apsb10-12.html", - "refsource" : "CONFIRM", - "url" : "http://www.adobe.com/support/security/bulletins/apsb10-12.html" - }, - { - "name" : "40087", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40087" - }, - { - "name" : "oval:org.mitre.oval:def:6652", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652" - }, - { - "name" : "38751", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38751" - }, - { - "name" : "ADV-2010-1128", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1128" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38751", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38751" + }, + { + "name": "oval:org.mitre.oval:def:6652", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6652" + }, + { + "name": "http://www.adobe.com/support/security/bulletins/apsb10-12.html", + "refsource": "CONFIRM", + "url": "http://www.adobe.com/support/security/bulletins/apsb10-12.html" + }, + { + "name": "40087", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40087" + }, + { + "name": "ADV-2010-1128", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1128" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1349.json b/2010/1xxx/CVE-2010-1349.json index f0df120d0e4..5e606ed8747 100644 --- a/2010/1xxx/CVE-2010-1349.json +++ b/2010/1xxx/CVE-2010-1349.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1349", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1349", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "11622", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/11622" - }, - { - "name" : "http://my.opera.com/securitygroup/blog/2010/03/09/the-malformed-content-length-header-security-issue", - "refsource" : "CONFIRM", - "url" : "http://my.opera.com/securitygroup/blog/2010/03/09/the-malformed-content-length-header-security-issue" - }, - { - "name" : "http://www.opera.com/support/kb/view/948/", - "refsource" : "CONFIRM", - "url" : "http://www.opera.com/support/kb/view/948/" - }, - { - "name" : "38519", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/38519" - }, - { - "name" : "62714", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/62714" - }, - { - "name" : "1023690", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1023690" - }, - { - "name" : "38820", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38820" - }, - { - "name" : "ADV-2010-0529", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0529" - }, - { - "name" : "opera-contentlength-bo(56673)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/56673" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38519", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/38519" + }, + { + "name": "1023690", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1023690" + }, + { + "name": "http://www.opera.com/support/kb/view/948/", + "refsource": "CONFIRM", + "url": "http://www.opera.com/support/kb/view/948/" + }, + { + "name": "11622", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/11622" + }, + { + "name": "opera-contentlength-bo(56673)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56673" + }, + { + "name": "62714", + "refsource": "OSVDB", + "url": "http://osvdb.org/62714" + }, + { + "name": "http://my.opera.com/securitygroup/blog/2010/03/09/the-malformed-content-length-header-security-issue", + "refsource": "CONFIRM", + "url": "http://my.opera.com/securitygroup/blog/2010/03/09/the-malformed-content-length-header-security-issue" + }, + { + "name": "ADV-2010-0529", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0529" + }, + { + "name": "38820", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38820" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1939.json b/2010/1xxx/CVE-2010-1939.json index 5c01a3395b4..1500a746222 100644 --- a/2010/1xxx/CVE-2010-1939.json +++ b/2010/1xxx/CVE-2010-1939.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1939", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows remote attackers to execute arbitrary code by using window.open to create a popup window for a crafted HTML document, and then calling the parent window's close method, which triggers improper handling of a deleted window object." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1939", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://h07.w.interia.pl/Safari.rar", - "refsource" : "MISC", - "url" : "http://h07.w.interia.pl/Safari.rar" - }, - { - "name" : "http://reviews.cnet.com/8301-13727_7-20004709-263.html", - "refsource" : "MISC", - "url" : "http://reviews.cnet.com/8301-13727_7-20004709-263.html" - }, - { - "name" : "VU#943165", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/943165" - }, - { - "name" : "39990", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39990" - }, - { - "name" : "64482", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/64482" - }, - { - "name" : "oval:org.mitre.oval:def:6748", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6748" - }, - { - "name" : "1023958", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023958" - }, - { - "name" : "39670", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39670" - }, - { - "name" : "ADV-2010-1097", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1097" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows remote attackers to execute arbitrary code by using window.open to create a popup window for a crafted HTML document, and then calling the parent window's close method, which triggers improper handling of a deleted window object." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39670", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39670" + }, + { + "name": "oval:org.mitre.oval:def:6748", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6748" + }, + { + "name": "http://reviews.cnet.com/8301-13727_7-20004709-263.html", + "refsource": "MISC", + "url": "http://reviews.cnet.com/8301-13727_7-20004709-263.html" + }, + { + "name": "ADV-2010-1097", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1097" + }, + { + "name": "39990", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39990" + }, + { + "name": "http://h07.w.interia.pl/Safari.rar", + "refsource": "MISC", + "url": "http://h07.w.interia.pl/Safari.rar" + }, + { + "name": "64482", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/64482" + }, + { + "name": "1023958", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023958" + }, + { + "name": "VU#943165", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/943165" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0275.json b/2014/0xxx/CVE-2014-0275.json index 0abf9e76f8c..7b201c738a4 100644 --- a/2014/0xxx/CVE-2014-0275.json +++ b/2014/0xxx/CVE-2014-0275.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0275", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0285 and CVE-2014-0286." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2014-0275", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS14-010", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010" - }, - { - "name" : "65373", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65373" - }, - { - "name" : "103174", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/103174" - }, - { - "name" : "1029741", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1029741" - }, - { - "name" : "56796", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/56796" - }, - { - "name" : "ms-ie-cve20140275-code-exec(90765)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/90765" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2014-0285 and CVE-2014-0286." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "65373", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65373" + }, + { + "name": "MS14-010", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-010" + }, + { + "name": "1029741", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1029741" + }, + { + "name": "56796", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/56796" + }, + { + "name": "103174", + "refsource": "OSVDB", + "url": "http://osvdb.org/103174" + }, + { + "name": "ms-ie-cve20140275-code-exec(90765)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90765" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0397.json b/2014/0xxx/CVE-2014-0397.json index 98719bcf1d3..2b864bba7d2 100644 --- a/2014/0xxx/CVE-2014-0397.json +++ b/2014/0xxx/CVE-2014-0397.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 and 11.1 have unspecified impact and attack vectors related to \"Buffer errors.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-0397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0397_buffer_errors", - "refsource" : "CONFIRM", - "url" : "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0397_buffer_errors" - }, - { - "name" : "65819", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/65819" - }, - { - "name" : "libxtsol-cve20140397-bo(91482)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91482" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in libXtsol in Oracle Solaris 10 and 11.1 have unspecified impact and attack vectors related to \"Buffer errors.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "65819", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/65819" + }, + { + "name": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0397_buffer_errors", + "refsource": "CONFIRM", + "url": "https://blogs.oracle.com/sunsecurity/entry/cve_2014_0397_buffer_errors" + }, + { + "name": "libxtsol-cve20140397-bo(91482)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91482" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0715.json b/2014/0xxx/CVE-2014-0715.json index 613d41afe98..2f2628052a3 100644 --- a/2014/0xxx/CVE-2014-0715.json +++ b/2014/0xxx/CVE-2014-0715.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0715", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-0715", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0904.json b/2014/0xxx/CVE-2014-0904.json index e8c536b2d0a..520cba075a7 100644 --- a/2014/0xxx/CVE-2014-0904.json +++ b/2014/0xxx/CVE-2014-0904.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0904", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The update process in IBM Security AppScan Standard 7.9 through 8.8 does not require integrity checks of downloaded files, which allows remote attackers to execute arbitrary code via a crafted file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-0904", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21666775", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21666775" - }, - { - "name" : "ibm-appscan-cve20140904-code-exec(91536)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91536" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The update process in IBM Security AppScan Standard 7.9 through 8.8 does not require integrity checks of downloaded files, which allows remote attackers to execute arbitrary code via a crafted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21666775", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21666775" + }, + { + "name": "ibm-appscan-cve20140904-code-exec(91536)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91536" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1344.json b/2014/1xxx/CVE-2014-1344.json index 1fe2cf8a89d..65ea1c11bdd 100644 --- a/2014/1xxx/CVE-2014-1344.json +++ b/2014/1xxx/CVE-2014-1344.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1344", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2014-1344", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://support.apple.com/kb/HT6254", - "refsource" : "CONFIRM", - "url" : "http://support.apple.com/kb/HT6254" - }, - { - "name" : "https://support.apple.com/kb/HT6537", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/kb/HT6537" - }, - { - "name" : "APPLE-SA-2014-05-21-1", - "refsource" : "APPLE", - "url" : "http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html" - }, - { - "name" : "GLSA-201601-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201601-02" - }, - { - "name" : "67553", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67553" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2014-05-21-1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201601-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201601-02" + }, + { + "name": "https://support.apple.com/kb/HT6537", + "refsource": "CONFIRM", + "url": "https://support.apple.com/kb/HT6537" + }, + { + "name": "http://support.apple.com/kb/HT6254", + "refsource": "CONFIRM", + "url": "http://support.apple.com/kb/HT6254" + }, + { + "name": "67553", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67553" + }, + { + "name": "APPLE-SA-2014-05-21-1", + "refsource": "APPLE", + "url": "http://archives.neohapsis.com/archives/bugtraq/2014-05/0128.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1676.json b/2014/1xxx/CVE-2014-1676.json index 18e6246bb69..88ff5040b50 100644 --- a/2014/1xxx/CVE-2014-1676.json +++ b/2014/1xxx/CVE-2014-1676.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1676", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1676", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/4xxx/CVE-2014-4917.json b/2014/4xxx/CVE-2014-4917.json index 183869475f5..4a0dc4a044d 100644 --- a/2014/4xxx/CVE-2014-4917.json +++ b/2014/4xxx/CVE-2014-4917.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-4917", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-4917", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5390.json b/2014/5xxx/CVE-2014-5390.json index fa1a6d7218e..72a6c5bbc69 100644 --- a/2014/5xxx/CVE-2014-5390.json +++ b/2014/5xxx/CVE-2014-5390.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5390", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5390", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5468.json b/2014/5xxx/CVE-2014-5468.json index a549210350d..f02f30ee82c 100644 --- a/2014/5xxx/CVE-2014-5468.json +++ b/2014/5xxx/CVE-2014-5468.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5468", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5468", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5768.json b/2014/5xxx/CVE-2014-5768.json index 867001a75c5..1b5b04da7d4 100644 --- a/2014/5xxx/CVE-2014-5768.json +++ b/2014/5xxx/CVE-2014-5768.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5768", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Food Planner (aka dk.boggie.madplan.android) application 4.8.4.3-google for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5768", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#606961", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/606961" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Food Planner (aka dk.boggie.madplan.android) application 4.8.4.3-google for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + }, + { + "name": "VU#606961", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/606961" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5843.json b/2014/5xxx/CVE-2014-5843.json index f9cd8b7789e..d38aad8779e 100644 --- a/2014/5xxx/CVE-2014-5843.json +++ b/2014/5xxx/CVE-2014-5843.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5843", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ADP AGENCY Immobiliare (aka com.wAdpagencyAndroid) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5843", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - }, - { - "name" : "VU#839457", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/839457" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ADP AGENCY Immobiliare (aka com.wAdpagencyAndroid) application 0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#839457", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/839457" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2809.json b/2015/2xxx/CVE-2015-2809.json index 9d3fe3fcbc8..06afe262865 100644 --- a/2015/2xxx/CVE-2015-2809.json +++ b/2015/2xxx/CVE-2015-2809.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2809", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DSM) before 3.1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets to the Avahi component." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2809", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.kb.cert.org/vuls/id/BLUU-9TLSHD", - "refsource" : "CONFIRM", - "url" : "http://www.kb.cert.org/vuls/id/BLUU-9TLSHD" - }, - { - "name" : "VU#550620", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/550620" - }, - { - "name" : "73683", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73683" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DSM) before 3.1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification) or obtain potentially sensitive information via port-5353 UDP packets to the Avahi component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.kb.cert.org/vuls/id/BLUU-9TLSHD", + "refsource": "CONFIRM", + "url": "http://www.kb.cert.org/vuls/id/BLUU-9TLSHD" + }, + { + "name": "73683", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73683" + }, + { + "name": "VU#550620", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/550620" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10726.json b/2016/10xxx/CVE-2016-10726.json index 9c5bc17a50d..656e2563c5d 100644 --- a/2016/10xxx/CVE-2016-10726.json +++ b/2016/10xxx/CVE-2016-10726.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10726", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10726", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5", - "refsource" : "MISC", - "url" : "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5" - }, - { - "name" : "https://jira.duraspace.org/browse/DS-3094", - "refsource" : "MISC", - "url" : "https://jira.duraspace.org/browse/DS-3094" - }, - { - "name" : "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes", - "refsource" : "MISC", - "url" : "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5", + "refsource": "MISC", + "url": "https://github.com/DSpace/DSpace/releases/tag/dspace-5.5" + }, + { + "name": "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes", + "refsource": "MISC", + "url": "https://wiki.duraspace.org/display/DSDOC5x/Release+Notes" + }, + { + "name": "https://jira.duraspace.org/browse/DS-3094", + "refsource": "MISC", + "url": "https://jira.duraspace.org/browse/DS-3094" + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3615.json b/2016/3xxx/CVE-2016-3615.json index effd1fdbb29..c5ace6b7d65 100644 --- a/2016/3xxx/CVE-2016-3615.json +++ b/2016/3xxx/CVE-2016-3615.json @@ -1,152 +1,152 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3615", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-3615", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" - }, - { - "name" : "DSA-3624", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3624" - }, - { - "name" : "DSA-3632", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3632" - }, - { - "name" : "RHSA-2016:1601", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1601.html" - }, - { - "name" : "RHSA-2016:1602", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1602.html" - }, - { - "name" : "RHSA-2016:1603", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1603.html" - }, - { - "name" : "RHSA-2016:1604", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1604.html" - }, - { - "name" : "RHSA-2016:1637", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1637.html" - }, - { - "name" : "RHSA-2016:1480", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" - }, - { - "name" : "openSUSE-SU-2016:2278", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html" - }, - { - "name" : "USN-3040-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3040-1" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91960", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91960" - }, - { - "name" : "1036362", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036362" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3040-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3040-1" + }, + { + "name": "RHSA-2016:1603", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1603.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html" + }, + { + "name": "91960", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91960" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "DSA-3632", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3632" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/" + }, + { + "name": "RHSA-2016:1480", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/" + }, + { + "name": "RHSA-2016:1601", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1601.html" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168" + }, + { + "name": "1036362", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036362" + }, + { + "name": "openSUSE-SU-2016:2278", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html" + }, + { + "name": "DSA-3624", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3624" + }, + { + "name": "RHSA-2016:1637", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1637.html" + }, + { + "name": "RHSA-2016:1602", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1602.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "RHSA-2016:1604", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1604.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4618.json b/2016/4xxx/CVE-2016-4618.json index f0430456534..728582a41f4 100644 --- a/2016/4xxx/CVE-2016-4618.json +++ b/2016/4xxx/CVE-2016-4618.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4618", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka \"Universal XSS (UXSS).\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4618", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207143", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207143" - }, - { - "name" : "https://support.apple.com/HT207157", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207157" - }, - { - "name" : "APPLE-SA-2016-09-20-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html" - }, - { - "name" : "APPLE-SA-2016-09-20-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" - }, - { - "name" : "93053", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93053" - }, - { - "name" : "1036854", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036854" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Safari Reader in Apple iOS before 10 and Safari before 10 allows remote attackers to inject arbitrary web script or HTML via a crafted web site, aka \"Universal XSS (UXSS).\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-09-20-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" + }, + { + "name": "https://support.apple.com/HT207157", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207157" + }, + { + "name": "93053", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93053" + }, + { + "name": "1036854", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036854" + }, + { + "name": "https://support.apple.com/HT207143", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207143" + }, + { + "name": "APPLE-SA-2016-09-20-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00007.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8003.json b/2016/8xxx/CVE-2016-8003.json index bfe8c2909ef..88966777e63 100644 --- a/2016/8xxx/CVE-2016-8003.json +++ b/2016/8xxx/CVE-2016-8003.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-8003", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-8003", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8456.json b/2016/8xxx/CVE-2016-8456.json index 23aea04f297..8a24bef2443 100644 --- a/2016/8xxx/CVE-2016-8456.json +++ b/2016/8xxx/CVE-2016-8456.json @@ -1,70 +1,70 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security@google.com", - "ID" : "CVE-2016-8456", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Android", - "version" : { - "version_data" : [ - { - "version_value" : "Kernel-3.10" - }, - { - "version_value" : "Kernel-3.18" - } - ] - } - } - ] - }, - "vendor_name" : "Google Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32219255. References: B-RB#105580." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Elevation of privilege" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2016-8456", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Android", + "version": { + "version_data": [ + { + "version_value": "Kernel-3.10" + }, + { + "version_value": "Kernel-3.18" + } + ] + } + } + ] + }, + "vendor_name": "Google Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-01-01.html", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-01-01.html" - }, - { - "name" : "95240", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95240" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32219255. References: B-RB#105580." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-01-01.html", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-01-01.html" + }, + { + "name": "95240", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95240" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8714.json b/2016/8xxx/CVE-2016-8714.json index cecfd4c7d5c..820f3e432f3 100644 --- a/2016/8xxx/CVE-2016-8714.json +++ b/2016/8xxx/CVE-2016-8714.json @@ -1,75 +1,75 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "talos-cna@cisco.com", - "ID" : "CVE-2016-8714", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "R", - "version" : { - "version_data" : [ - { - "version_value" : "3.3.0" - }, - { - "version_value" : "3.3.2" - } - ] - } - } - ] - }, - "vendor_name" : "The R Project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "buffer overflow" - } + "CVE_data_meta": { + "ASSIGNER": "talos-cna@cisco.com", + "ID": "CVE-2016-8714", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "R", + "version": { + "version_data": [ + { + "version_value": "3.3.0" + }, + { + "version_value": "3.3.2" + } + ] + } + } + ] + }, + "vendor_name": "The R Project" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0227/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0227/" - }, - { - "name" : "DSA-3813", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3813" - }, - { - "name" : "96785", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96785" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0227/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0227/" + }, + { + "name": "96785", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96785" + }, + { + "name": "DSA-3813", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3813" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8798.json b/2016/8xxx/CVE-2016-8798.json index 5ccf305f5d0..19c6a1a0010 100644 --- a/2016/8xxx/CVE-2016-8798.json +++ b/2016/8xxx/CVE-2016-8798.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@huawei.com", - "ID" : "CVE-2016-8798", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "USG5500 V300R001C00 and V300R001C00", - "version" : { - "version_data" : [ - { - "version_value" : "USG5500 V300R001C00 and V300R001C00" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Huawei USG5500 with software V300R001C00 and V300R001C00 allows attackers to bypass the anti-DDoS module of the USGs to cause a denial of service condition on the backend server." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "defense mechanism bypass" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@huawei.com", + "ID": "CVE-2016-8798", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "USG5500 V300R001C00 and V300R001C00", + "version": { + "version_data": [ + { + "version_value": "USG5500 V300R001C00 and V300R001C00" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-usg-en", - "refsource" : "CONFIRM", - "url" : "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-usg-en" - }, - { - "name" : "93891", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93891" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Huawei USG5500 with software V300R001C00 and V300R001C00 allows attackers to bypass the anti-DDoS module of the USGs to cause a denial of service condition on the backend server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "defense mechanism bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-usg-en", + "refsource": "CONFIRM", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161026-01-usg-en" + }, + { + "name": "93891", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93891" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9515.json b/2016/9xxx/CVE-2016-9515.json index 18e686ea001..f84fff8bdad 100644 --- a/2016/9xxx/CVE-2016-9515.json +++ b/2016/9xxx/CVE-2016-9515.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9515", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9515", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9624.json b/2016/9xxx/CVE-2016-9624.json index a3aab2fb352..393cf651774 100644 --- a/2016/9xxx/CVE-2016-9624.json +++ b/2016/9xxx/CVE-2016-9624.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9624", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9624", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161123 Re: CVE request: w3m - multiple vulnerabilities", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/24/1" - }, - { - "name" : "https://github.com/tats/w3m/blob/master/ChangeLog", - "refsource" : "CONFIRM", - "url" : "https://github.com/tats/w3m/blob/master/ChangeLog" - }, - { - "name" : "https://github.com/tats/w3m/issues/35", - "refsource" : "CONFIRM", - "url" : "https://github.com/tats/w3m/issues/35" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/tats/w3m/blob/master/ChangeLog", + "refsource": "CONFIRM", + "url": "https://github.com/tats/w3m/blob/master/ChangeLog" + }, + { + "name": "https://github.com/tats/w3m/issues/35", + "refsource": "CONFIRM", + "url": "https://github.com/tats/w3m/issues/35" + }, + { + "name": "[oss-security] 20161123 Re: CVE request: w3m - multiple vulnerabilities", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/24/1" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9643.json b/2016/9xxx/CVE-2016-9643.json index bab631f6111..e9f7b3c7db3 100644 --- a/2016/9xxx/CVE-2016-9643.json +++ b/2016/9xxx/CVE-2016-9643.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9643", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($ (open parenthesis and dollar) followed by {-2,16} and a large number of +) (plus close parenthesis)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9643", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20161126 CVE Request: resource exhaustion in regex expression handling in WebKit", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/26/2" - }, - { - "name" : "[oss-security] 20161126 Re: CVE Request: resource exhaustion in regex expression handling in WebKit", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/11/26/5" - }, - { - "name" : "GLSA-201706-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201706-15" - }, - { - "name" : "94559", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94559" - }, - { - "name" : "1038137", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1038137" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($ (open parenthesis and dollar) followed by {-2,16} and a large number of +) (plus close parenthesis)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1038137", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1038137" + }, + { + "name": "[oss-security] 20161126 Re: CVE Request: resource exhaustion in regex expression handling in WebKit", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/26/5" + }, + { + "name": "GLSA-201706-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201706-15" + }, + { + "name": "[oss-security] 20161126 CVE Request: resource exhaustion in regex expression handling in WebKit", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/11/26/2" + }, + { + "name": "94559", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94559" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9836.json b/2016/9xxx/CVE-2016-9836.json index 958dd3820e4..d75c3ebcb48 100644 --- a/2016/9xxx/CVE-2016-9836.json +++ b/2016/9xxx/CVE-2016-9836.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9836", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the `.php6`, `.php7`, `.phtml`, and `.phpt` extensions. Additionally, JHelperMedia::canUpload() did not blacklist these file extensions as uploadable file types." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9836", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/XiphosResearch/exploits/tree/master/Joomraa", - "refsource" : "MISC", - "url" : "https://github.com/XiphosResearch/exploits/tree/master/Joomraa" - }, - { - "name" : "94663", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94663" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the `.php6`, `.php7`, `.phtml`, and `.phpt` extensions. Additionally, JHelperMedia::canUpload() did not blacklist these file extensions as uploadable file types." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/XiphosResearch/exploits/tree/master/Joomraa", + "refsource": "MISC", + "url": "https://github.com/XiphosResearch/exploits/tree/master/Joomraa" + }, + { + "name": "94663", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94663" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9871.json b/2016/9xxx/CVE-2016-9871.json index 0b548bc8a6f..65f1eb4bdac 100644 --- a/2016/9xxx/CVE-2016-9871.json +++ b/2016/9xxx/CVE-2016-9871.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security_alert@emc.com", - "ID" : "CVE-2016-9871", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x", - "version" : { - "version_data" : [ - { - "version_value" : "EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Privilege Escalation Vulnerability" - } + "CVE_data_meta": { + "ASSIGNER": "security_alert@emc.com", + "ID": "CVE-2016-9871", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x", + "version": { + "version_data": [ + { + "version_value": "EMC Isilon OneFS EMC Isilon OneFS 7.2.1.0 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.securityfocus.com/archive/1/540050/30/0/threaded", - "refsource" : "CONFIRM", - "url" : "http://www.securityfocus.com/archive/1/540050/30/0/threaded" - }, - { - "name" : "95800", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95800" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "EMC Isilon OneFS 7.2.1.0 - 7.2.1.3, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, EMC Isilon OneFS 7.1.0.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Privilege Escalation Vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "95800", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95800" + }, + { + "name": "http://www.securityfocus.com/archive/1/540050/30/0/threaded", + "refsource": "CONFIRM", + "url": "http://www.securityfocus.com/archive/1/540050/30/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2061.json b/2019/2xxx/CVE-2019-2061.json index bbc99abbaf3..fcda33a7430 100644 --- a/2019/2xxx/CVE-2019-2061.json +++ b/2019/2xxx/CVE-2019-2061.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2061", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2061", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2397.json b/2019/2xxx/CVE-2019-2397.json index eb01b797080..3d2c0e18eba 100644 --- a/2019/2xxx/CVE-2019-2397.json +++ b/2019/2xxx/CVE-2019-2397.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2019-2397", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Hospitality Reporting and Analytics", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "9.1.0" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker having Report privilege with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2019-2397", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Hospitality Reporting and Analytics", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "9.1.0" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "106576", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106576" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker having Report privilege with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "name": "106576", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106576" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2771.json b/2019/2xxx/CVE-2019-2771.json index eb9080abb59..2ee76f0eb5b 100644 --- a/2019/2xxx/CVE-2019-2771.json +++ b/2019/2xxx/CVE-2019-2771.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2771", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2771", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2868.json b/2019/2xxx/CVE-2019-2868.json index 1da4c8f1c5c..e676e3973b8 100644 --- a/2019/2xxx/CVE-2019-2868.json +++ b/2019/2xxx/CVE-2019-2868.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2868", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2868", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2912.json b/2019/2xxx/CVE-2019-2912.json index 2cecc12d8a1..e0693f92e22 100644 --- a/2019/2xxx/CVE-2019-2912.json +++ b/2019/2xxx/CVE-2019-2912.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2912", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2912", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6120.json b/2019/6xxx/CVE-2019-6120.json index b11587518ac..a55c72fec11 100644 --- a/2019/6xxx/CVE-2019-6120.json +++ b/2019/6xxx/CVE-2019-6120.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6120", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6120", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6695.json b/2019/6xxx/CVE-2019-6695.json index e1735b6504f..c59f4232d7a 100644 --- a/2019/6xxx/CVE-2019-6695.json +++ b/2019/6xxx/CVE-2019-6695.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6695", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6695", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6979.json b/2019/6xxx/CVE-2019-6979.json index eaf96a220a5..af23050a777 100644 --- a/2019/6xxx/CVE-2019-6979.json +++ b/2019/6xxx/CVE-2019-6979.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6979", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in the User IP History Logs (aka IP_History_Logs) plugin 1.0.2 for MyBB. There is XSS via the admin/modules/tools/ip_history_logs.php useragent field." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6979", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "46273", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46273/" - }, - { - "name" : "https://github.com/JeremyCrookshank/IP_History_Logs/pull/1", - "refsource" : "MISC", - "url" : "https://github.com/JeremyCrookshank/IP_History_Logs/pull/1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in the User IP History Logs (aka IP_History_Logs) plugin 1.0.2 for MyBB. There is XSS via the admin/modules/tools/ip_history_logs.php useragent field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "46273", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46273/" + }, + { + "name": "https://github.com/JeremyCrookshank/IP_History_Logs/pull/1", + "refsource": "MISC", + "url": "https://github.com/JeremyCrookshank/IP_History_Logs/pull/1" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7308.json b/2019/7xxx/CVE-2019-7308.json index 22cc0aa9fd2..55dccb4470c 100644 --- a/2019/7xxx/CVE-2019-7308.json +++ b/2019/7xxx/CVE-2019-7308.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7308", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7308", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=979d63d50c0c0f7bc537bf821e056cc9fe5abd38", - "refsource" : "MISC", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=979d63d50c0c0f7bc537bf821e056cc9fe5abd38" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d3bd7413e0ca40b60cf60d4003246d067cafdeda", - "refsource" : "MISC", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d3bd7413e0ca40b60cf60d4003246d067cafdeda" - }, - { - "name" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1711", - "refsource" : "MISC", - "url" : "https://bugs.chromium.org/p/project-zero/issues/detail?id=1711" - }, - { - "name" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.6", - "refsource" : "MISC", - "url" : "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.6" - }, - { - "name" : "https://github.com/torvalds/linux/commit/979d63d50c0c0f7bc537bf821e056cc9fe5abd38", - "refsource" : "MISC", - "url" : "https://github.com/torvalds/linux/commit/979d63d50c0c0f7bc537bf821e056cc9fe5abd38" - }, - { - "name" : "https://github.com/torvalds/linux/commit/d3bd7413e0ca40b60cf60d4003246d067cafdeda", - "refsource" : "MISC", - "url" : "https://github.com/torvalds/linux/commit/d3bd7413e0ca40b60cf60d4003246d067cafdeda" - }, - { - "name" : "106827", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106827" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/torvalds/linux/commit/979d63d50c0c0f7bc537bf821e056cc9fe5abd38", + "refsource": "MISC", + "url": "https://github.com/torvalds/linux/commit/979d63d50c0c0f7bc537bf821e056cc9fe5abd38" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d3bd7413e0ca40b60cf60d4003246d067cafdeda", + "refsource": "MISC", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d3bd7413e0ca40b60cf60d4003246d067cafdeda" + }, + { + "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1711", + "refsource": "MISC", + "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1711" + }, + { + "name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.6", + "refsource": "MISC", + "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.6" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=979d63d50c0c0f7bc537bf821e056cc9fe5abd38", + "refsource": "MISC", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=979d63d50c0c0f7bc537bf821e056cc9fe5abd38" + }, + { + "name": "https://github.com/torvalds/linux/commit/d3bd7413e0ca40b60cf60d4003246d067cafdeda", + "refsource": "MISC", + "url": "https://github.com/torvalds/linux/commit/d3bd7413e0ca40b60cf60d4003246d067cafdeda" + }, + { + "name": "106827", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106827" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7772.json b/2019/7xxx/CVE-2019-7772.json index b70e9a7cb78..2c56ce288c0 100644 --- a/2019/7xxx/CVE-2019-7772.json +++ b/2019/7xxx/CVE-2019-7772.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7772", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7772", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file