From f43af539b3069c4b0c6031ffbf0b0fe76279a3bf Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:49:51 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0367.json | 120 ++++++------ 1999/0xxx/CVE-1999-0867.json | 150 +++++++-------- 2005/2xxx/CVE-2005-2086.json | 130 ++++++------- 2005/2xxx/CVE-2005-2110.json | 160 ++++++++-------- 2005/2xxx/CVE-2005-2496.json | 230 +++++++++++------------ 2005/2xxx/CVE-2005-2922.json | 230 +++++++++++------------ 2007/5xxx/CVE-2007-5217.json | 190 +++++++++---------- 2007/5xxx/CVE-2007-5319.json | 190 +++++++++---------- 2007/5xxx/CVE-2007-5727.json | 180 +++++++++--------- 2007/5xxx/CVE-2007-5993.json | 170 ++++++++--------- 2009/2xxx/CVE-2009-2683.json | 130 ++++++------- 2009/2xxx/CVE-2009-2881.json | 140 +++++++------- 2015/0xxx/CVE-2015-0370.json | 150 +++++++-------- 2015/0xxx/CVE-2015-0418.json | 180 +++++++++--------- 2015/3xxx/CVE-2015-3368.json | 160 ++++++++-------- 2015/3xxx/CVE-2015-3458.json | 150 +++++++-------- 2015/3xxx/CVE-2015-3801.json | 170 ++++++++--------- 2015/4xxx/CVE-2015-4045.json | 140 +++++++------- 2015/4xxx/CVE-2015-4066.json | 150 +++++++-------- 2015/4xxx/CVE-2015-4117.json | 140 +++++++------- 2015/4xxx/CVE-2015-4978.json | 34 ++-- 2015/8xxx/CVE-2015-8160.json | 34 ++-- 2015/8xxx/CVE-2015-8222.json | 140 +++++++------- 2015/8xxx/CVE-2015-8271.json | 140 +++++++------- 2015/8xxx/CVE-2015-8353.json | 160 ++++++++-------- 2015/9xxx/CVE-2015-9130.json | 132 ++++++------- 2015/9xxx/CVE-2015-9143.json | 132 ++++++------- 2016/5xxx/CVE-2016-5056.json | 120 ++++++------ 2016/5xxx/CVE-2016-5244.json | 350 +++++++++++++++++------------------ 2016/5xxx/CVE-2016-5469.json | 150 +++++++-------- 2016/5xxx/CVE-2016-5553.json | 140 +++++++------- 2016/5xxx/CVE-2016-5773.json | 230 +++++++++++------------ 2018/2xxx/CVE-2018-2444.json | 156 ++++++++-------- 2018/2xxx/CVE-2018-2851.json | 140 +++++++------- 2018/6xxx/CVE-2018-6132.json | 34 ++-- 2018/6xxx/CVE-2018-6754.json | 34 ++-- 2018/6xxx/CVE-2018-6821.json | 34 ++-- 2018/6xxx/CVE-2018-6928.json | 120 ++++++------ 2019/0xxx/CVE-2019-0213.json | 34 ++-- 2019/0xxx/CVE-2019-0685.json | 34 ++-- 2019/0xxx/CVE-2019-0841.json | 34 ++-- 2019/1xxx/CVE-2019-1017.json | 34 ++-- 2019/1xxx/CVE-2019-1032.json | 34 ++-- 2019/1xxx/CVE-2019-1226.json | 34 ++-- 2019/1xxx/CVE-2019-1346.json | 34 ++-- 2019/1xxx/CVE-2019-1422.json | 34 ++-- 2019/5xxx/CVE-2019-5590.json | 34 ++-- 2019/5xxx/CVE-2019-5799.json | 34 ++-- 2019/5xxx/CVE-2019-5914.json | 130 ++++++------- 49 files changed, 3005 insertions(+), 3005 deletions(-) diff --git a/1999/0xxx/CVE-1999-0367.json b/1999/0xxx/CVE-1999-0367.json index 05bba51956e..0892ad89ae8 100644 --- a/1999/0xxx/CVE-1999-0367.json +++ b/1999/0xxx/CVE-1999-0367.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0367", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NetBSD netstat command allows local users to access kernel memory." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0367", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "7571", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/7571" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NetBSD netstat command allows local users to access kernel memory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "7571", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/7571" + } + ] + } +} \ No newline at end of file diff --git a/1999/0xxx/CVE-1999-0867.json b/1999/0xxx/CVE-1999-0867.json index 452b559548e..ef036d1e5d2 100644 --- a/1999/0xxx/CVE-1999-0867.json +++ b/1999/0xxx/CVE-1999-0867.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0867", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0867", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS99-029", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-029" - }, - { - "name" : "Q238349", - "refsource" : "MSKB", - "url" : "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q238349" - }, - { - "name" : "J-058", - "refsource" : "CIAC", - "url" : "http://www.ciac.org/ciac/bulletins/j-058.shtml" - }, - { - "name" : "579", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/579" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "Q238349", + "refsource": "MSKB", + "url": "http://support.microsoft.com/default.aspx?scid=kb;[LN];Q238349" + }, + { + "name": "J-058", + "refsource": "CIAC", + "url": "http://www.ciac.org/ciac/bulletins/j-058.shtml" + }, + { + "name": "MS99-029", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-029" + }, + { + "name": "579", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/579" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2086.json b/2005/2xxx/CVE-2005-2086.json index e4691762d0e..f16ce3e5b3f 100644 --- a/2005/2xxx/CVE-2005-2086.json +++ b/2005/2xxx/CVE-2005-2086.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2086", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2086", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050628 Security Advisory - phpBB 2.0.15 PHP-code injection bug", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=111999905917019&w=2" - }, - { - "name" : "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=302011", - "refsource" : "CONFIRM", - "url" : "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=302011" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in viewtopic.php in phpBB 2.0.15 and earlier allows remote attackers to execute arbitrary PHP code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=302011", + "refsource": "CONFIRM", + "url": "http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=302011" + }, + { + "name": "20050628 Security Advisory - phpBB 2.0.15 PHP-code injection bug", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=111999905917019&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2110.json b/2005/2xxx/CVE-2005-2110.json index c0fa8358a27..96eab31e357 100644 --- a/2005/2xxx/CVE-2005-2110.json +++ b/2005/2xxx/CVE-2005-2110.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2110", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via (1) a direct request to menu-header.php or a \"1\" value in the feed parameter to (2) wp-atom.php, (3) wp-rss.php, or (4) wp-rss2.php, which reveal the path in an error message. NOTE: vector [1] was later reported to also affect WordPress 2.0.1." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2110", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050629 WordPress 1.5.1.2 && Earlier Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112006967221438&w=2" - }, - { - "name" : "http://www.gulftech.org/?node=research&article_id=00085-06282005", - "refsource" : "MISC", - "url" : "http://www.gulftech.org/?node=research&article_id=00085-06282005" - }, - { - "name" : "20060227 WordPress 2.0.1 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/426304/100/0/threaded" - }, - { - "name" : "http://NeoSecurityTeam.net/advisories/Advisory-17.txt", - "refsource" : "MISC", - "url" : "http://NeoSecurityTeam.net/advisories/Advisory-17.txt" - }, - { - "name" : "15831", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15831" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via (1) a direct request to menu-header.php or a \"1\" value in the feed parameter to (2) wp-atom.php, (3) wp-rss.php, or (4) wp-rss2.php, which reveal the path in an error message. NOTE: vector [1] was later reported to also affect WordPress 2.0.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://NeoSecurityTeam.net/advisories/Advisory-17.txt", + "refsource": "MISC", + "url": "http://NeoSecurityTeam.net/advisories/Advisory-17.txt" + }, + { + "name": "20060227 WordPress 2.0.1 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/426304/100/0/threaded" + }, + { + "name": "15831", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15831" + }, + { + "name": "http://www.gulftech.org/?node=research&article_id=00085-06282005", + "refsource": "MISC", + "url": "http://www.gulftech.org/?node=research&article_id=00085-06282005" + }, + { + "name": "20050629 WordPress 1.5.1.2 && Earlier Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112006967221438&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2496.json b/2005/2xxx/CVE-2005-2496.json index 5edf147a9ef..76012c9e3c2 100644 --- a/2005/2xxx/CVE-2005-2496.json +++ b/2005/2xxx/CVE-2005-2496.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2496", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2005-2496", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "DSA-801", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-801" - }, - { - "name" : "FEDORA-2005-812", - "refsource" : "FEDORA", - "url" : "http://www.securityspace.com/smysecure/catid.html?id=55155" - }, - { - "name" : "MDKSA-2005:156", - "refsource" : "MANDRAKE", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2005:156" - }, - { - "name" : "RHSA-2006:0393", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2006-0393.html" - }, - { - "name" : "oval:org.mitre.oval:def:9669", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9669" - }, - { - "name" : "ADV-2005-1561", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/1561" - }, - { - "name" : "14673", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14673" - }, - { - "name" : "19055", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/19055" - }, - { - "name" : "1016679", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1016679" - }, - { - "name" : "16602", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16602" - }, - { - "name" : "21464", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/21464" - }, - { - "name" : "ntp-incorrect-group-permissions(22035)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/22035" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "14673", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14673" + }, + { + "name": "RHSA-2006:0393", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2006-0393.html" + }, + { + "name": "FEDORA-2005-812", + "refsource": "FEDORA", + "url": "http://www.securityspace.com/smysecure/catid.html?id=55155" + }, + { + "name": "19055", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/19055" + }, + { + "name": "21464", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/21464" + }, + { + "name": "1016679", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1016679" + }, + { + "name": "16602", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16602" + }, + { + "name": "ADV-2005-1561", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/1561" + }, + { + "name": "MDKSA-2005:156", + "refsource": "MANDRAKE", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:156" + }, + { + "name": "ntp-incorrect-group-permissions(22035)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/22035" + }, + { + "name": "DSA-801", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-801" + }, + { + "name": "oval:org.mitre.oval:def:9669", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9669" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2922.json b/2005/2xxx/CVE-2005-2922.json index b625f29156c..fc1e82b8a5e 100644 --- a/2005/2xxx/CVE-2005-2922.json +++ b/2005/2xxx/CVE-2005-2922.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2922", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2922", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.service.real.com/realplayer/security/03162006_player/en/", - "refsource" : "CONFIRM", - "url" : "http://www.service.real.com/realplayer/security/03162006_player/en/" - }, - { - "name" : "RHSA-2005:762", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-762.html" - }, - { - "name" : "RHSA-2005:788", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2005-788.html" - }, - { - "name" : "SUSE-SA:2006:018", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html" - }, - { - "name" : "VU#172489", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/172489" - }, - { - "name" : "17202", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/17202" - }, - { - "name" : "oval:org.mitre.oval:def:11444", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11444" - }, - { - "name" : "ADV-2006-1057", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/1057" - }, - { - "name" : "1015808", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015808" - }, - { - "name" : "19358", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19358" - }, - { - "name" : "19365", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/19365" - }, - { - "name" : "realnetworks-chunked-transferencoding-bo(25409)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/25409" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in the embedded player in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, and Helix Player allows remote malicious servers to cause a denial of service (crash) and possibly execute arbitrary code via a chunked Transfer-Encoding HTTP response in which either (1) the chunk header length is specified as -1, (2) the chunk header with a length that is less than the actual amount of sent data, or (3) a missing chunk header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.service.real.com/realplayer/security/03162006_player/en/", + "refsource": "CONFIRM", + "url": "http://www.service.real.com/realplayer/security/03162006_player/en/" + }, + { + "name": "19358", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19358" + }, + { + "name": "oval:org.mitre.oval:def:11444", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11444" + }, + { + "name": "SUSE-SA:2006:018", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2006_18_realplayer.html" + }, + { + "name": "ADV-2006-1057", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/1057" + }, + { + "name": "1015808", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015808" + }, + { + "name": "RHSA-2005:788", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-788.html" + }, + { + "name": "realnetworks-chunked-transferencoding-bo(25409)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25409" + }, + { + "name": "19365", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/19365" + }, + { + "name": "17202", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/17202" + }, + { + "name": "VU#172489", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/172489" + }, + { + "name": "RHSA-2005:762", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2005-762.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5217.json b/2007/5xxx/CVE-2007-5217.json index 620acc471a0..7076e16c657 100644 --- a/2007/5xxx/CVE-2007-5217.json +++ b/2007/5xxx/CVE-2007-5217.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5217", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the ADM4 ActiveX control in adm4.dll in Altnet Download Manager 4.0.0.6, as used in (1) Kazaa 3.2.7 and (2) Grokster, allows remote attackers to execute arbitrary code via a long argument to the Install method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5217", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "25903", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25903" - }, - { - "name" : "ADV-2007-3335", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3335" - }, - { - "name" : "ADV-2007-3336", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3336" - }, - { - "name" : "37785", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37785" - }, - { - "name" : "38435", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38435" - }, - { - "name" : "26970", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26970" - }, - { - "name" : "26972", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26972" - }, - { - "name" : "altnet-download-activex-bo(36929)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36929" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the ADM4 ActiveX control in adm4.dll in Altnet Download Manager 4.0.0.6, as used in (1) Kazaa 3.2.7 and (2) Grokster, allows remote attackers to execute arbitrary code via a long argument to the Install method. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "altnet-download-activex-bo(36929)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36929" + }, + { + "name": "25903", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25903" + }, + { + "name": "ADV-2007-3336", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3336" + }, + { + "name": "26972", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26972" + }, + { + "name": "ADV-2007-3335", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3335" + }, + { + "name": "37785", + "refsource": "OSVDB", + "url": "http://osvdb.org/37785" + }, + { + "name": "38435", + "refsource": "OSVDB", + "url": "http://osvdb.org/38435" + }, + { + "name": "26970", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26970" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5319.json b/2007/5xxx/CVE-2007-5319.json index 8a16dc6b639..9af18f40618 100644 --- a/2007/5xxx/CVE-2007-5319.json +++ b/2007/5xxx/CVE-2007-5319.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5319", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service (\"unusable\" system console) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5319", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "103065", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103065-1" - }, - { - "name" : "25971", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25971" - }, - { - "name" : "ADV-2007-3416", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3416" - }, - { - "name" : "37715", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37715" - }, - { - "name" : "oval:org.mitre.oval:def:1989", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1989" - }, - { - "name" : "1018781", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018781" - }, - { - "name" : "27135", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27135" - }, - { - "name" : "solaris-vuidmice-dos(37021)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37021" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the vuidmice STREAMS modules in Sun Solaris 8, 9, and 10 allows local users with console (/dev/console) access to cause a denial of service (\"unusable\" system console) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1018781", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018781" + }, + { + "name": "solaris-vuidmice-dos(37021)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37021" + }, + { + "name": "ADV-2007-3416", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3416" + }, + { + "name": "oval:org.mitre.oval:def:1989", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1989" + }, + { + "name": "37715", + "refsource": "OSVDB", + "url": "http://osvdb.org/37715" + }, + { + "name": "27135", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27135" + }, + { + "name": "25971", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25971" + }, + { + "name": "103065", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103065-1" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5727.json b/2007/5xxx/CVE-2007-5727.json index e2ed0b0b7f8..d45edaf2722 100644 --- a/2007/5xxx/CVE-2007-5727.json +++ b/2007/5xxx/CVE-2007-5727.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5727", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Incomplete blacklist vulnerability in the stripScripts function in common.php in OneOrZero Helpdesk 1.6.5.4, 1.6.4.2, and possibly other versions, allows remote attackers to conduct cross-site scripting (XSS) attacks and inject arbitrary web script or HTML via XSS sequences without SCRIPT tags in the description parameter to (1) tcreate.php or (2) tupdate.php, as demonstrated using an onmouseover event in a b tag." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5727", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071022 usd250 helpdesk XSS vulnerabily.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482790/100/0/threaded" - }, - { - "name" : "26217", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26217" - }, - { - "name" : "26208", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26208" - }, - { - "name" : "38215", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38215" - }, - { - "name" : "38836", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38836" - }, - { - "name" : "27415", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27415" - }, - { - "name" : "3320", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3320" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Incomplete blacklist vulnerability in the stripScripts function in common.php in OneOrZero Helpdesk 1.6.5.4, 1.6.4.2, and possibly other versions, allows remote attackers to conduct cross-site scripting (XSS) attacks and inject arbitrary web script or HTML via XSS sequences without SCRIPT tags in the description parameter to (1) tcreate.php or (2) tupdate.php, as demonstrated using an onmouseover event in a b tag." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38836", + "refsource": "OSVDB", + "url": "http://osvdb.org/38836" + }, + { + "name": "20071022 usd250 helpdesk XSS vulnerabily.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482790/100/0/threaded" + }, + { + "name": "27415", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27415" + }, + { + "name": "3320", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3320" + }, + { + "name": "26208", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26208" + }, + { + "name": "38215", + "refsource": "OSVDB", + "url": "http://osvdb.org/38215" + }, + { + "name": "26217", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26217" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5993.json b/2007/5xxx/CVE-2007-5993.json index 9e3a754c8b9..258d0761b00 100644 --- a/2007/5xxx/CVE-2007-5993.json +++ b/2007/5xxx/CVE-2007-5993.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5993", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Visionary Technology in Library Solutions (VTLS) vtls.web.gateway before 48.1.1 allows remote attackers to inject arbitrary web script or HTML via the searchtype parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5993", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071113 [ISecAuditors Security Advisories] VTLS.web.gateway cgi is vulnerable to XSS", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483622/100/0/threaded" - }, - { - "name" : "26419", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26419" - }, - { - "name" : "38708", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38708" - }, - { - "name" : "27661", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27661" - }, - { - "name" : "3369", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3369" - }, - { - "name" : "vtls-webgateway-xss(38444)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38444" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Visionary Technology in Library Solutions (VTLS) vtls.web.gateway before 48.1.1 allows remote attackers to inject arbitrary web script or HTML via the searchtype parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "vtls-webgateway-xss(38444)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38444" + }, + { + "name": "27661", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27661" + }, + { + "name": "26419", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26419" + }, + { + "name": "38708", + "refsource": "OSVDB", + "url": "http://osvdb.org/38708" + }, + { + "name": "20071113 [ISecAuditors Security Advisories] VTLS.web.gateway cgi is vulnerable to XSS", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483622/100/0/threaded" + }, + { + "name": "3369", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3369" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2683.json b/2009/2xxx/CVE-2009-2683.json index 47fbef11ff6..1f1b2d5d5b5 100644 --- a/2009/2xxx/CVE-2009-2683.json +++ b/2009/2xxx/CVE-2009-2683.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2683", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Sender module in HP Remote Graphics Software (RGS) 5.1.3 through 5.2.6 allows remote authenticated users to execute arbitrary code via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2683", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "HPSBMA02461", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/506783/100/0/threaded" - }, - { - "name" : "SSRT090187", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/506783/100/0/threaded" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Sender module in HP Remote Graphics Software (RGS) 5.1.3 through 5.2.6 allows remote authenticated users to execute arbitrary code via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBMA02461", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/506783/100/0/threaded" + }, + { + "name": "SSRT090187", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/506783/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2881.json b/2009/2xxx/CVE-2009-2881.json index 89f1c30101d..fc9836afbd5 100644 --- a/2009/2xxx/CVE-2009-2881.json +++ b/2009/2xxx/CVE-2009-2881.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2881", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote attackers to execute arbitrary SQL commands via the idAuthor parameter to (1) index.php and possibly (2) allpubs.php in publications/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2009-2881", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "9246", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/9246" - }, - { - "name" : "ADV-2009-2005", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2009/2005" - }, - { - "name" : "basilic-index-sql-injection(51992)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/51992" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in Basilic 1.5.13 allow remote attackers to execute arbitrary SQL commands via the idAuthor parameter to (1) index.php and possibly (2) allpubs.php in publications/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2009-2005", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2009/2005" + }, + { + "name": "basilic-index-sql-injection(51992)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51992" + }, + { + "name": "9246", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/9246" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0370.json b/2015/0xxx/CVE-2015-0370.json index c4cdadbedc3..549c3bea7b6 100644 --- a/2015/0xxx/CVE-2015-0370.json +++ b/2015/0xxx/CVE-2015-0370.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0370", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2013-5858." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-0370", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "72171", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72171" - }, - { - "name" : "1031572", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031572" - }, - { - "name" : "oracle-cpujan2015-cve20150370(100072)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100072" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity via unknown vectors, a different vulnerability than CVE-2013-5858." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "oracle-cpujan2015-cve20150370(100072)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100072" + }, + { + "name": "72171", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72171" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "1031572", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031572" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0418.json b/2015/0xxx/CVE-2015-0418.json index a8129b70977..17b5713fb01 100644 --- a/2015/0xxx/CVE-2015-0418.json +++ b/2015/0xxx/CVE-2015-0418.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0418", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0377." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-0418", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" - }, - { - "name" : "DSA-3143", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3143" - }, - { - "name" : "GLSA-201612-27", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-27" - }, - { - "name" : "openSUSE-SU-2015:0229", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html" - }, - { - "name" : "72194", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72194" - }, - { - "name" : "62694", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/62694" - }, - { - "name" : "oracle-cpujan2015-cve20150418(100182)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/100182" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0377." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201612-27", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-27" + }, + { + "name": "72194", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72194" + }, + { + "name": "62694", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/62694" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html" + }, + { + "name": "oracle-cpujan2015-cve20150418(100182)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100182" + }, + { + "name": "DSA-3143", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3143" + }, + { + "name": "openSUSE-SU-2015:0229", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-02/msg00030.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3368.json b/2015/3xxx/CVE-2015-3368.json index 20912c50f3b..bd65b836f36 100644 --- a/2015/3xxx/CVE-2015-3368.json +++ b/2015/3xxx/CVE-2015-3368.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3368", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the administration user interface in the Classified Ads module before 6.x-3.1 and 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with the \"administer taxonomy\" permission to inject arbitrary web script or HTML via a category name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3368", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/01/29/6" - }, - { - "name" : "https://www.drupal.org/node/2411527", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2411527" - }, - { - "name" : "https://www.drupal.org/node/2407783", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2407783" - }, - { - "name" : "https://www.drupal.org/node/2407785", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2407785" - }, - { - "name" : "74267", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74267" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the administration user interface in the Classified Ads module before 6.x-3.1 and 7.x-3.x before 7.x-3.1 for Drupal allows remote authenticated users with the \"administer taxonomy\" permission to inject arbitrary web script or HTML via a category name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2407783", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2407783" + }, + { + "name": "https://www.drupal.org/node/2411527", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2411527" + }, + { + "name": "https://www.drupal.org/node/2407785", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2407785" + }, + { + "name": "74267", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74267" + }, + { + "name": "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/01/29/6" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3458.json b/2015/3xxx/CVE-2015-3458.json index fb93396ea3b..5f82bdb0dc2 100644 --- a/2015/3xxx/CVE-2015-3458.json +++ b/2015/3xxx/CVE-2015-3458.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3458", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The fetchView function in the Mage_Core_Block_Template_Zend class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 does not restrict the stream wrapper used in a template path, which allows remote administrators to include and execute arbitrary PHP files via the phar:// stream wrapper, related to the setScriptPath function. NOTE: it is not clear whether this issue crosses privilege boundaries, since administrators might already have privileges to include arbitrary files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3458", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/", - "refsource" : "MISC", - "url" : "http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/" - }, - { - "name" : "http://magento.com/blog/technical/critical-security-advisory-remote-code-execution-rce-vulnerability", - "refsource" : "CONFIRM", - "url" : "http://magento.com/blog/technical/critical-security-advisory-remote-code-execution-rce-vulnerability" - }, - { - "name" : "74412", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74412" - }, - { - "name" : "1032230", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032230" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The fetchView function in the Mage_Core_Block_Template_Zend class in Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 does not restrict the stream wrapper used in a template path, which allows remote administrators to include and execute arbitrary PHP files via the phar:// stream wrapper, related to the setScriptPath function. NOTE: it is not clear whether this issue crosses privilege boundaries, since administrators might already have privileges to include arbitrary files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://magento.com/blog/technical/critical-security-advisory-remote-code-execution-rce-vulnerability", + "refsource": "CONFIRM", + "url": "http://magento.com/blog/technical/critical-security-advisory-remote-code-execution-rce-vulnerability" + }, + { + "name": "74412", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74412" + }, + { + "name": "1032230", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032230" + }, + { + "name": "http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/", + "refsource": "MISC", + "url": "http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3801.json b/2015/3xxx/CVE-2015-3801.json index 4fec032b6e2..93bf7c30c16 100644 --- a/2015/3xxx/CVE-2015-3801.json +++ b/2015/3xxx/CVE-2015-3801.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3801", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-3801", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205212", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205212" - }, - { - "name" : "https://support.apple.com/HT205265", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205265" - }, - { - "name" : "APPLE-SA-2015-09-16-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html" - }, - { - "name" : "APPLE-SA-2015-09-30-2", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html" - }, - { - "name" : "76764", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76764" - }, - { - "name" : "1033609", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033609" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033609", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033609" + }, + { + "name": "https://support.apple.com/HT205212", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205212" + }, + { + "name": "76764", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76764" + }, + { + "name": "https://support.apple.com/HT205265", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205265" + }, + { + "name": "APPLE-SA-2015-09-30-2", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00007.html" + }, + { + "name": "APPLE-SA-2015-09-16-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Sep/msg00001.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4045.json b/2015/4xxx/CVE-2015-4045.json index dd52c79ea93..0278a03bb72 100644 --- a/2015/4xxx/CVE-2015-4045.json +++ b/2015/4xxx/CVE-2015-4045.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4045", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users to gain privileges via a crafted nmap script." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4045", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://sysdream.com/uploads/media/default/0001/01/8c6a70098657b4474fe7abe9bcdd5e73b234b610.pdf", - "refsource" : "MISC", - "url" : "https://sysdream.com/uploads/media/default/0001/01/8c6a70098657b4474fe7abe9bcdd5e73b234b610.pdf" - }, - { - "name" : "https://www.alienvault.com/forums/discussion/5127/", - "refsource" : "CONFIRM", - "url" : "https://www.alienvault.com/forums/discussion/5127/" - }, - { - "name" : "74791", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74791" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users to gain privileges via a crafted nmap script." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74791", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74791" + }, + { + "name": "https://sysdream.com/uploads/media/default/0001/01/8c6a70098657b4474fe7abe9bcdd5e73b234b610.pdf", + "refsource": "MISC", + "url": "https://sysdream.com/uploads/media/default/0001/01/8c6a70098657b4474fe7abe9bcdd5e73b234b610.pdf" + }, + { + "name": "https://www.alienvault.com/forums/discussion/5127/", + "refsource": "CONFIRM", + "url": "https://www.alienvault.com/forums/discussion/5127/" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4066.json b/2015/4xxx/CVE-2015-4066.json index 85ce5489c30..e98af58c335 100644 --- a/2015/4xxx/CVE-2015-4066.json +++ b/2015/4xxx/CVE-2015-4066.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4066", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) show_artist_id or (2) show_venue_id parameter in an add action in the gigpress.php page to wp-admin/admin.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4066", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37109", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37109/" - }, - { - "name" : "http://packetstormsecurity.com/files/132036/WordPress-GigPress-2.3.8-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/132036/WordPress-GigPress-2.3.8-SQL-Injection.html" - }, - { - "name" : "https://wordpress.org/plugins/gigpress/changelog/", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/plugins/gigpress/changelog/" - }, - { - "name" : "74747", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74747" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1) show_artist_id or (2) show_venue_id parameter in an add action in the gigpress.php page to wp-admin/admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/132036/WordPress-GigPress-2.3.8-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/132036/WordPress-GigPress-2.3.8-SQL-Injection.html" + }, + { + "name": "37109", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37109/" + }, + { + "name": "74747", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74747" + }, + { + "name": "https://wordpress.org/plugins/gigpress/changelog/", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/gigpress/changelog/" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4117.json b/2015/4xxx/CVE-2015-4117.json index f9b840cd305..87116261a1c 100644 --- a/2015/4xxx/CVE-2015-4117.json +++ b/2015/4xxx/CVE-2015-4117.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4117", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vesta Control Panel before 0.9.8-14 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the backup parameter to list/backup/index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4117", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37369", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37369/" - }, - { - "name" : "https://www.htbridge.com/advisory/HTB23261", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB23261" - }, - { - "name" : "http://vestacp.com/roadmap/#history", - "refsource" : "CONFIRM", - "url" : "http://vestacp.com/roadmap/#history" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vesta Control Panel before 0.9.8-14 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the backup parameter to list/backup/index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37369", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37369/" + }, + { + "name": "http://vestacp.com/roadmap/#history", + "refsource": "CONFIRM", + "url": "http://vestacp.com/roadmap/#history" + }, + { + "name": "https://www.htbridge.com/advisory/HTB23261", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB23261" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4978.json b/2015/4xxx/CVE-2015-4978.json index 2b5cefce21a..8efa8d86149 100644 --- a/2015/4xxx/CVE-2015-4978.json +++ b/2015/4xxx/CVE-2015-4978.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4978", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4978", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8160.json b/2015/8xxx/CVE-2015-8160.json index 11494c356b4..763dabdca8c 100644 --- a/2015/8xxx/CVE-2015-8160.json +++ b/2015/8xxx/CVE-2015-8160.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8160", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8160", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8222.json b/2015/8xxx/CVE-2015-8222.json index 83a4ff69886..ae2fc7029a0 100644 --- a/2015/8xxx/CVE-2015-8222.json +++ b/2015/8xxx/CVE-2015-8222.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8222", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8222", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1515689", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1515689" - }, - { - "name" : "https://github.com/lxc/lxd/issues/1307", - "refsource" : "CONFIRM", - "url" : "https://github.com/lxc/lxd/issues/1307" - }, - { - "name" : "USN-2809-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2809-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1515689", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1515689" + }, + { + "name": "USN-2809-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2809-1" + }, + { + "name": "https://github.com/lxc/lxd/issues/1307", + "refsource": "CONFIRM", + "url": "https://github.com/lxc/lxd/issues/1307" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8271.json b/2015/8xxx/CVE-2015-8271.json index 892a35b436d..9fc61688dee 100644 --- a/2015/8xxx/CVE-2015-8271.json +++ b/2015/8xxx/CVE-2015-8271.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8271", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-8271", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0067/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0067/" - }, - { - "name" : "DSA-3850", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2017/dsa-3850" - }, - { - "name" : "95125", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95125" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0067/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0067/" + }, + { + "name": "95125", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95125" + }, + { + "name": "DSA-3850", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2017/dsa-3850" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8353.json b/2015/8xxx/CVE-2015-8353.json index e8b171b177b..5ea72218b31 100644 --- a/2015/8xxx/CVE-2015-8353.json +++ b/2015/8xxx/CVE-2015-8353.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8353", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Role Scoper plugin before 1.3.67 for WordPress allows remote attackers to inject arbitrary web script or HTML via the object_name parameter in a rs-object_role_edit page to wp-admin/admin.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8353", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151202 Reflected XSS in Role Scoper WordPress Plugin", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537019/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/134600/WordPress-Role-Scoper-1.3.66-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/134600/WordPress-Role-Scoper-1.3.66-Cross-Site-Scripting.html" - }, - { - "name" : "https://wpvulndb.com/vulnerabilities/8347", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/8347" - }, - { - "name" : "https://www.htbridge.com/advisory/HTB23276", - "refsource" : "MISC", - "url" : "https://www.htbridge.com/advisory/HTB23276" - }, - { - "name" : "https://wordpress.org/plugins/role-scoper/#developers", - "refsource" : "CONFIRM", - "url" : "https://wordpress.org/plugins/role-scoper/#developers" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Role Scoper plugin before 1.3.67 for WordPress allows remote attackers to inject arbitrary web script or HTML via the object_name parameter in a rs-object_role_edit page to wp-admin/admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://wpvulndb.com/vulnerabilities/8347", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/8347" + }, + { + "name": "https://wordpress.org/plugins/role-scoper/#developers", + "refsource": "CONFIRM", + "url": "https://wordpress.org/plugins/role-scoper/#developers" + }, + { + "name": "https://www.htbridge.com/advisory/HTB23276", + "refsource": "MISC", + "url": "https://www.htbridge.com/advisory/HTB23276" + }, + { + "name": "http://packetstormsecurity.com/files/134600/WordPress-Role-Scoper-1.3.66-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/134600/WordPress-Role-Scoper-1.3.66-Cross-Site-Scripting.html" + }, + { + "name": "20151202 Reflected XSS in Role Scoper WordPress Plugin", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537019/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9130.json b/2015/9xxx/CVE-2015-9130.json index 22c929e843e..c7de4833180 100644 --- a/2015/9xxx/CVE-2015-9130.json +++ b/2015/9xxx/CVE-2015-9130.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9130", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, SD 810" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, in a PlayReady function, a NULL pointer dereference can occur." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "NULL Pointer Dereference in TrustZone" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9130", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, SD 810" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, in a PlayReady function, a NULL pointer dereference can occur." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "NULL Pointer Dereference in TrustZone" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2015/9xxx/CVE-2015-9143.json b/2015/9xxx/CVE-2015-9143.json index 17a4d36ed50..f528993c085 100644 --- a/2015/9xxx/CVE-2015-9143.json +++ b/2015/9xxx/CVE-2015-9143.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2015-9143", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, and SDX20, when reading CDT from eMMC with a very large meta offset (>size of default CDT-array compiled in bootloader) for one of the CDBs, a buffer overflow occurs." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Boot." - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2015-9143", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, and SDX20, when reading CDT from eMMC with a very large meta offset (>size of default CDT-array compiled in bootloader) for one of the CDBs, a buffer overflow occurs." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Boot." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5056.json b/2016/5xxx/CVE-2016-5056.json index 8cec06ecb69..9ec416f806a 100644 --- a/2016/5xxx/CVE-2016-5056.json +++ b/2016/5xxx/CVE-2016-5056.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-5056", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26", - "version" : { - "version_data" : [ - { - "version_value" : "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Weak Default WPA2 PSKs" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-5056", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26", + "version": { + "version_data": [ + { + "version_value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059", - "refsource" : "MISC", - "url" : "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "OSRAM SYLVANIA Osram Lightify Pro before 2016-07-26 uses only 8 hex digits for a PSK." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Weak Default WPA2 PSKs" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059", + "refsource": "MISC", + "url": "https://community.rapid7.com/community/infosec/blog/2016/07/26/r7-2016-10-multiple-osram-sylvania-osram-lightify-vulnerabilities-cve-2016-5051-through-5059" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5244.json b/2016/5xxx/CVE-2016-5244.json index efab829f050..1c256b19206 100644 --- a/2016/5xxx/CVE-2016-5244.json +++ b/2016/5xxx/CVE-2016-5244.json @@ -1,177 +1,177 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5244", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5244", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160603 Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/03/5" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343337", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343337" - }, - { - "name" : "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb" - }, - { - "name" : "https://patchwork.ozlabs.org/patch/629110/", - "refsource" : "CONFIRM", - "url" : "https://patchwork.ozlabs.org/patch/629110/" - }, - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" - }, - { - "name" : "DSA-3607", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3607" - }, - { - "name" : "SUSE-SU-2016:1672", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html" - }, - { - "name" : "SUSE-SU-2016:1690", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html" - }, - { - "name" : "SUSE-SU-2016:1937", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html" - }, - { - "name" : "openSUSE-SU-2016:1641", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html" - }, - { - "name" : "SUSE-SU-2016:1985", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html" - }, - { - "name" : "SUSE-SU-2016:2105", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html" - }, - { - "name" : "openSUSE-SU-2016:2184", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html" - }, - { - "name" : "USN-3070-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3070-2" - }, - { - "name" : "USN-3070-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3070-3" - }, - { - "name" : "USN-3070-4", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3070-4" - }, - { - "name" : "USN-3070-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3070-1" - }, - { - "name" : "USN-3071-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3071-1" - }, - { - "name" : "USN-3071-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3071-2" - }, - { - "name" : "USN-3072-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3072-1" - }, - { - "name" : "USN-3072-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3072-2" - }, - { - "name" : "91021", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91021" - }, - { - "name" : "1041895", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb" + }, + { + "name": "SUSE-SU-2016:1690", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html" + }, + { + "name": "USN-3070-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3070-1" + }, + { + "name": "[oss-security] 20160603 Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/03/5" + }, + { + "name": "SUSE-SU-2016:1985", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html" + }, + { + "name": "openSUSE-SU-2016:2184", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html" + }, + { + "name": "https://patchwork.ozlabs.org/patch/629110/", + "refsource": "CONFIRM", + "url": "https://patchwork.ozlabs.org/patch/629110/" + }, + { + "name": "USN-3070-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3070-3" + }, + { + "name": "1041895", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041895" + }, + { + "name": "openSUSE-SU-2016:1641", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html" + }, + { + "name": "91021", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91021" + }, + { + "name": "DSA-3607", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3607" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb" + }, + { + "name": "USN-3070-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3070-2" + }, + { + "name": "SUSE-SU-2016:1672", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343337", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343337" + }, + { + "name": "USN-3071-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3071-1" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html" + }, + { + "name": "USN-3070-4", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3070-4" + }, + { + "name": "SUSE-SU-2016:2105", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html" + }, + { + "name": "USN-3072-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3072-2" + }, + { + "name": "USN-3072-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3072-1" + }, + { + "name": "USN-3071-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3071-2" + }, + { + "name": "SUSE-SU-2016:1937", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5469.json b/2016/5xxx/CVE-2016-5469.json index cc5c808d776..4cbebabc47d 100644 --- a/2016/5xxx/CVE-2016-5469.json +++ b/2016/5xxx/CVE-2016-5469.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5469", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5471." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5469", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91938", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91938" - }, - { - "name" : "1036407", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036407" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability via vectors related to Kernel, a different vulnerability than CVE-2016-3497 and CVE-2016-5471." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "91938", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91938" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + }, + { + "name": "1036407", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036407" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5553.json b/2016/5xxx/CVE-2016-5553.json index e74ed6161a6..3738a25e2d1 100644 --- a/2016/5xxx/CVE-2016-5553.json +++ b/2016/5xxx/CVE-2016-5553.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5553", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5553", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "93759", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93759" - }, - { - "name" : "1037048", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037048" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.3 allows local users to affect availability via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1037048", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037048" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "93759", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93759" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5773.json b/2016/5xxx/CVE-2016-5773.json index fade99c49e1..67aea27795e 100644 --- a/2016/5xxx/CVE-2016-5773.json +++ b/2016/5xxx/CVE-2016-5773.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5773", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5773", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/23/4" - }, - { - "name" : "http://github.com/php/php-src/commit/f6aef68089221c5ea047d4a74224ee3deead99a6?w=1", - "refsource" : "CONFIRM", - "url" : "http://github.com/php/php-src/commit/f6aef68089221c5ea047d4a74224ee3deead99a6?w=1" - }, - { - "name" : "http://php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-5.php" - }, - { - "name" : "http://php.net/ChangeLog-7.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-7.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=72434", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=72434" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" - }, - { - "name" : "https://support.apple.com/HT207170", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207170" - }, - { - "name" : "APPLE-SA-2016-09-20", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" - }, - { - "name" : "DSA-3618", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3618" - }, - { - "name" : "RHSA-2016:2750", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" - }, - { - "name" : "openSUSE-SU-2016:1761", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html" - }, - { - "name" : "91397", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91397" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-09-20", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html" + }, + { + "name": "openSUSE-SU-2016:1761", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html" + }, + { + "name": "RHSA-2016:2750", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" + }, + { + "name": "http://github.com/php/php-src/commit/f6aef68089221c5ea047d4a74224ee3deead99a6?w=1", + "refsource": "CONFIRM", + "url": "http://github.com/php/php-src/commit/f6aef68089221c5ea047d4a74224ee3deead99a6?w=1" + }, + { + "name": "https://bugs.php.net/bug.php?id=72434", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=72434" + }, + { + "name": "http://php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-5.php" + }, + { + "name": "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/23/4" + }, + { + "name": "DSA-3618", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3618" + }, + { + "name": "http://php.net/ChangeLog-7.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-7.php" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" + }, + { + "name": "https://support.apple.com/HT207170", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207170" + }, + { + "name": "91397", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91397" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2444.json b/2018/2xxx/CVE-2018-2444.json index 477325898a4..803058a97cd 100644 --- a/2018/2xxx/CVE-2018-2444.json +++ b/2018/2xxx/CVE-2018-2444.json @@ -1,80 +1,80 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cna@sap.com", - "ID" : "CVE-2018-2444", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "SAP BusinessObjects Financial Consolidation", - "version" : { - "version_data" : [ - { - "version_name" : "", - "version_value" : "10.0" - }, - { - "version_name" : "", - "version_value" : "10.1" - } - ] - } - } - ] - }, - "vendor_name" : "SAP" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP BusinessObjects Financial Consolidation, versions 10.0, 10.1, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "cna@sap.com", + "ID": "CVE-2018-2444", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SAP BusinessObjects Financial Consolidation", + "version": { + "version_data": [ + { + "version_name": "", + "version_value": "10.0" + }, + { + "version_name": "", + "version_value": "10.1" + } + ] + } + } + ] + }, + "vendor_name": "SAP" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://launchpad.support.sap.com/#/notes/2621395", - "refsource" : "MISC", - "url" : "https://launchpad.support.sap.com/#/notes/2621395" - }, - { - "name" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742", - "refsource" : "CONFIRM", - "url" : "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742" - }, - { - "name" : "105087", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/105087" - } - ] - }, - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP BusinessObjects Financial Consolidation, versions 10.0, 10.1, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "105087", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/105087" + }, + { + "name": "https://launchpad.support.sap.com/#/notes/2621395", + "refsource": "MISC", + "url": "https://launchpad.support.sap.com/#/notes/2621395" + }, + { + "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742", + "refsource": "CONFIRM", + "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2851.json b/2018/2xxx/CVE-2018-2851.json index 271b021f0da..644419aa8d0 100644 --- a/2018/2xxx/CVE-2018-2851.json +++ b/2018/2xxx/CVE-2018-2851.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2851", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Hospitality Simphony First Edition", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "1.6" - }, - { - "version_affected" : "=", - "version_value" : "1.7" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). Supported versions that are affected are 1.6 and 1.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Simphony First Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Simphony First Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Simphony First Edition accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Simphony First Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Simphony First Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Simphony First Edition accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2851", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Hospitality Simphony First Edition", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.6" + }, + { + "version_affected": "=", + "version_value": "1.7" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "103896", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103896" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). Supported versions that are affected are 1.6 and 1.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Simphony First Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Simphony First Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Simphony First Edition accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Simphony First Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Simphony First Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Simphony First Edition accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "103896", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103896" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6132.json b/2018/6xxx/CVE-2018-6132.json index 6139db976ed..eab5a98b5c0 100644 --- a/2018/6xxx/CVE-2018-6132.json +++ b/2018/6xxx/CVE-2018-6132.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6132", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6132", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6754.json b/2018/6xxx/CVE-2018-6754.json index 082b7a20f78..902f6a162d3 100644 --- a/2018/6xxx/CVE-2018-6754.json +++ b/2018/6xxx/CVE-2018-6754.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6754", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6754", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6821.json b/2018/6xxx/CVE-2018-6821.json index 75e9ddfcd04..1da012c0f26 100644 --- a/2018/6xxx/CVE-2018-6821.json +++ b/2018/6xxx/CVE-2018-6821.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6821", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-6821", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6928.json b/2018/6xxx/CVE-2018-6928.json index 8c78576f9c7..f4a240e7599 100644 --- a/2018/6xxx/CVE-2018-6928.json +++ b/2018/6xxx/CVE-2018-6928.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6928", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6928", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "44030", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/44030/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "44030", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/44030/" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0213.json b/2019/0xxx/CVE-2019-0213.json index 7ee9e3f95f1..a0e836fd576 100644 --- a/2019/0xxx/CVE-2019-0213.json +++ b/2019/0xxx/CVE-2019-0213.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0213", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0213", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0685.json b/2019/0xxx/CVE-2019-0685.json index 494a40f8862..855768f3b51 100644 --- a/2019/0xxx/CVE-2019-0685.json +++ b/2019/0xxx/CVE-2019-0685.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0685", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0685", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0841.json b/2019/0xxx/CVE-2019-0841.json index a876cb8bfe2..ffaab41c810 100644 --- a/2019/0xxx/CVE-2019-0841.json +++ b/2019/0xxx/CVE-2019-0841.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0841", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0841", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1017.json b/2019/1xxx/CVE-2019-1017.json index a63e7badfe8..263c91a7147 100644 --- a/2019/1xxx/CVE-2019-1017.json +++ b/2019/1xxx/CVE-2019-1017.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1017", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1017", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1032.json b/2019/1xxx/CVE-2019-1032.json index 50fe7111f0d..a9a483cb3d4 100644 --- a/2019/1xxx/CVE-2019-1032.json +++ b/2019/1xxx/CVE-2019-1032.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1032", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1032", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1226.json b/2019/1xxx/CVE-2019-1226.json index ec8a0c7a485..5c10002c389 100644 --- a/2019/1xxx/CVE-2019-1226.json +++ b/2019/1xxx/CVE-2019-1226.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1226", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1226", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1346.json b/2019/1xxx/CVE-2019-1346.json index 4393932e9a5..d28835455b2 100644 --- a/2019/1xxx/CVE-2019-1346.json +++ b/2019/1xxx/CVE-2019-1346.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1346", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1346", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1422.json b/2019/1xxx/CVE-2019-1422.json index 8e9056fe671..7e4d6f98991 100644 --- a/2019/1xxx/CVE-2019-1422.json +++ b/2019/1xxx/CVE-2019-1422.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1422", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1422", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5590.json b/2019/5xxx/CVE-2019-5590.json index 25ecb41ab87..f5e7782e498 100644 --- a/2019/5xxx/CVE-2019-5590.json +++ b/2019/5xxx/CVE-2019-5590.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5590", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5590", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5799.json b/2019/5xxx/CVE-2019-5799.json index eee71cc2601..fcd76ba4ec4 100644 --- a/2019/5xxx/CVE-2019-5799.json +++ b/2019/5xxx/CVE-2019-5799.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5799", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5799", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5914.json b/2019/5xxx/CVE-2019-5914.json index 5c6d3aa01bb..e7bad4dd33f 100644 --- a/2019/5xxx/CVE-2019-5914.json +++ b/2019/5xxx/CVE-2019-5914.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "vultures@jpcert.or.jp", - "ID" : "CVE-2019-5914", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "V20 PRO L-01J", - "version" : { - "version_data" : [ - { - "version_value" : "software version L01J20c and L01J20d" - } - ] - } - } - ] - }, - "vendor_name" : "NTT DOCOMO, INC." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "V20 PRO L-01J software version L01J20c and L01J20d has a NULL pointer exception flaw that can be used by an attacker to cause the device to crash on the same network range via a specially crafted access point." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Null Pointer Exception" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2019-5914", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "V20 PRO L-01J", + "version": { + "version_data": [ + { + "version_value": "software version L01J20c and L01J20d" + } + ] + } + } + ] + }, + "vendor_name": "NTT DOCOMO, INC." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.nttdocomo.co.jp/support/utilization/product_update/list/l01j/index.html", - "refsource" : "MISC", - "url" : "https://www.nttdocomo.co.jp/support/utilization/product_update/list/l01j/index.html" - }, - { - "name" : "JVN#40439414", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN40439414/index.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "V20 PRO L-01J software version L01J20c and L01J20d has a NULL pointer exception flaw that can be used by an attacker to cause the device to crash on the same network range via a specially crafted access point." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Null Pointer Exception" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#40439414", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN40439414/index.html" + }, + { + "name": "https://www.nttdocomo.co.jp/support/utilization/product_update/list/l01j/index.html", + "refsource": "MISC", + "url": "https://www.nttdocomo.co.jp/support/utilization/product_update/list/l01j/index.html" + } + ] + } +} \ No newline at end of file