diff --git a/1999/1xxx/CVE-1999-1221.json b/1999/1xxx/CVE-1999-1221.json index 49ba624e792..6bf7ad86f74 100644 --- a/1999/1xxx/CVE-1999-1221.json +++ b/1999/1xxx/CVE-1999-1221.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-1221", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-1221", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19961117 Digital Unix v3.x (v4.x?) security vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=87602167420141&w=2" - }, - { - "name" : "dgux-chpwd(399)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/399" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19961117 Digital Unix v3.x (v4.x?) security vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=87602167420141&w=2" + }, + { + "name": "dgux-chpwd(399)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/399" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2106.json b/2005/2xxx/CVE-2005-2106.json index 493f18b8e77..a55baf796b7 100644 --- a/2005/2xxx/CVE-2005-2106.json +++ b/2005/2xxx/CVE-2005-2106.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2106", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 allows remote attackers to execute arbitrary PHP code via a public comment or posting." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2106", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050629 [DRUPAL-SA-2005-002] Drupal 4.6.2 / 4.5.4 fixes input validation issue", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112015287827452&w=2" - }, - { - "name" : "http://www.drupal.org/security/drupal-sa-2005-002/advisory.txt", - "refsource" : "CONFIRM", - "url" : "http://www.drupal.org/security/drupal-sa-2005-002/advisory.txt" - }, - { - "name" : "DSA-745", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-745" - }, - { - "name" : "14110", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14110" - }, - { - "name" : "15872", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15872" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unknown vulnerability in Drupal 4.5.0 through 4.5.3, 4.6.0, and 4.6.1 allows remote attackers to execute arbitrary PHP code via a public comment or posting." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "15872", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15872" + }, + { + "name": "20050629 [DRUPAL-SA-2005-002] Drupal 4.6.2 / 4.5.4 fixes input validation issue", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112015287827452&w=2" + }, + { + "name": "http://www.drupal.org/security/drupal-sa-2005-002/advisory.txt", + "refsource": "CONFIRM", + "url": "http://www.drupal.org/security/drupal-sa-2005-002/advisory.txt" + }, + { + "name": "DSA-745", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-745" + }, + { + "name": "14110", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14110" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2251.json b/2005/2xxx/CVE-2005-2251.json index 007327cd691..73260a228fa 100644 --- a/2005/2xxx/CVE-2005-2251.json +++ b/2005/2xxx/CVE-2005-2251.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2251", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in secure.php in PHPSecurePages (phpSP) 0.28beta and earlier allows remote attackers to execute arbitrary code via the cfgProgDir parameter, a variant of CVE-2001-1468." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2251", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2452", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2452" - }, - { - "name" : "14201", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14201" - }, - { - "name" : "1014410", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014410" - }, - { - "name" : "15994", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15994" - }, - { - "name" : "phpsecurepages-secure-file-include(29263)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29263" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in secure.php in PHPSecurePages (phpSP) 0.28beta and earlier allows remote attackers to execute arbitrary code via the cfgProgDir parameter, a variant of CVE-2001-1468." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "phpsecurepages-secure-file-include(29263)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29263" + }, + { + "name": "15994", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15994" + }, + { + "name": "1014410", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014410" + }, + { + "name": "2452", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2452" + }, + { + "name": "14201", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14201" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2289.json b/2005/2xxx/CVE-2005-2289.json index b222f568b56..c3c45642888 100644 --- a/2005/2xxx/CVE-2005-2289.json +++ b/2005/2xxx/CVE-2005-2289.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2289", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHPCounter 7.2 allows remote attackers to obtain sensitive information via a direct request to prelims.php, which reveals the path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2289", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050713 Path Disclosure and XSS problem in PHP Counter 7.2", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112129495128834&w=2" - }, - { - "name" : "1014478", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1014478" - }, - { - "name" : "15816", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/15816" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHPCounter 7.2 allows remote attackers to obtain sensitive information via a direct request to prelims.php, which reveals the path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20050713 Path Disclosure and XSS problem in PHP Counter 7.2", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112129495128834&w=2" + }, + { + "name": "15816", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/15816" + }, + { + "name": "1014478", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1014478" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2480.json b/2005/2xxx/CVE-2005-2480.json index 1e5c5ad5249..07a43332102 100644 --- a/2005/2xxx/CVE-2005-2480.json +++ b/2005/2xxx/CVE-2005-2480.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2480", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in ColdFusion Fusebox 4.1.0 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter, which is not quoted in an error page, as demonstrated using index.cfm." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2480", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050803 Coldfusion Fusebox V4.1.0 Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112309656102615&w=2" - }, - { - "name" : "14460", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14460" - }, - { - "name" : "16320", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16320" - }, - { - "name" : "fusebox-fuseaction-xss(21697)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/21697" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in ColdFusion Fusebox 4.1.0 allows remote attackers to inject arbitrary web script or HTML via the fuseaction parameter, which is not quoted in an error page, as demonstrated using index.cfm." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16320", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16320" + }, + { + "name": "fusebox-fuseaction-xss(21697)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21697" + }, + { + "name": "14460", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14460" + }, + { + "name": "20050803 Coldfusion Fusebox V4.1.0 Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112309656102615&w=2" + } + ] + } +} \ No newline at end of file diff --git a/2005/2xxx/CVE-2005-2878.json b/2005/2xxx/CVE-2005-2878.json index 031ca0d0a82..357194d9613 100644 --- a/2005/2xxx/CVE-2005-2878.json +++ b/2005/2xxx/CVE-2005-2878.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-2878", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-2878", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20050909 GNU Mailutils 0.6 imap4d 'search' Format String Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://www.idefense.com/application/poi/display?id=303&type=vulnerabilities&flashstatus=true" - }, - { - "name" : "20050926 FreeBSD GNU Mailutils 0.6 imap4d exploit", - "refsource" : "BUGTRAQ", - "url" : "http://marc.info/?l=bugtraq&m=112785181316043&w=2" - }, - { - "name" : "http://www.rosiello.org/archivio/imap4d_FreeBSD_exploit.c", - "refsource" : "MISC", - "url" : "http://www.rosiello.org/archivio/imap4d_FreeBSD_exploit.c" - }, - { - "name" : "http://savannah.gnu.org/patch/index.php?func=detailitem&item_id=4407", - "refsource" : "CONFIRM", - "url" : "http://savannah.gnu.org/patch/index.php?func=detailitem&item_id=4407" - }, - { - "name" : "DSA-841", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2005/dsa-841" - }, - { - "name" : "GLSA-200509-10", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200509-10.xml" - }, - { - "name" : "14794", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/14794" - }, - { - "name" : "16783", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16783" - }, - { - "name" : "17020", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17020" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://savannah.gnu.org/patch/index.php?func=detailitem&item_id=4407", + "refsource": "CONFIRM", + "url": "http://savannah.gnu.org/patch/index.php?func=detailitem&item_id=4407" + }, + { + "name": "17020", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17020" + }, + { + "name": "GLSA-200509-10", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200509-10.xml" + }, + { + "name": "16783", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16783" + }, + { + "name": "20050909 GNU Mailutils 0.6 imap4d 'search' Format String Vulnerability", + "refsource": "IDEFENSE", + "url": "http://www.idefense.com/application/poi/display?id=303&type=vulnerabilities&flashstatus=true" + }, + { + "name": "http://www.rosiello.org/archivio/imap4d_FreeBSD_exploit.c", + "refsource": "MISC", + "url": "http://www.rosiello.org/archivio/imap4d_FreeBSD_exploit.c" + }, + { + "name": "DSA-841", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2005/dsa-841" + }, + { + "name": "20050926 FreeBSD GNU Mailutils 0.6 imap4d exploit", + "refsource": "BUGTRAQ", + "url": "http://marc.info/?l=bugtraq&m=112785181316043&w=2" + }, + { + "name": "14794", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/14794" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3811.json b/2005/3xxx/CVE-2005-3811.json index e6e610a93c1..5fe8e833d3e 100644 --- a/2005/3xxx/CVE-2005-3811.json +++ b/2005/3xxx/CVE-2005-3811.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3811", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in admin/main.php in AMAX Magic Winmail Server 4.2 (build 0824) and earlier allows remote attackers to overwrite arbitrary files with session information via the sid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3811", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20051118 Secunia Research: Winmail Server Multiple Vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0580.html" - }, - { - "name" : "http://secunia.com/secunia_research/2005-58/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2005-58/advisory/" - }, - { - "name" : "15493", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15493/" - }, - { - "name" : "20925", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/20925" - }, - { - "name" : "16665", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/16665" - }, - { - "name" : "195", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/195" - }, - { - "name" : "winmail-main-file-overwrite(23132)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/23132" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in admin/main.php in AMAX Magic Winmail Server 4.2 (build 0824) and earlier allows remote attackers to overwrite arbitrary files with session information via the sid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "16665", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/16665" + }, + { + "name": "15493", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15493/" + }, + { + "name": "winmail-main-file-overwrite(23132)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23132" + }, + { + "name": "20925", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/20925" + }, + { + "name": "http://secunia.com/secunia_research/2005-58/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2005-58/advisory/" + }, + { + "name": "20051118 Secunia Research: Winmail Server Multiple Vulnerabilities", + "refsource": "FULLDISC", + "url": "http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0580.html" + }, + { + "name": "195", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/195" + } + ] + } +} \ No newline at end of file diff --git a/2005/3xxx/CVE-2005-3928.json b/2005/3xxx/CVE-2005-3928.json index 01ada4d7a97..376ab40351e 100644 --- a/2005/3xxx/CVE-2005-3928.json +++ b/2005/3xxx/CVE-2005-3928.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2005-3928", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users to execute arbitrary code via a long command line argument." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2005-3928", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20051129 possible privilege escalation on QNX Neutrino 6.3.0", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/418105/100/0/threaded" - }, - { - "name" : "20060207 QNX Neutrino RTOS phgrafx Command Buffer Overflow", - "refsource" : "IDEFENSE", - "url" : "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=384" - }, - { - "name" : "15619", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/15619" - }, - { - "name" : "16539", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/16539" - }, - { - "name" : "ADV-2005-2669", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2005/2669" - }, - { - "name" : "1015599", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1015599" - }, - { - "name" : "17781", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/17781" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users to execute arbitrary code via a long command line argument." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20051129 possible privilege escalation on QNX Neutrino 6.3.0", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/418105/100/0/threaded" + }, + { + "name": "15619", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/15619" + }, + { + "name": "17781", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/17781" + }, + { + "name": "1015599", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1015599" + }, + { + "name": "ADV-2005-2669", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2005/2669" + }, + { + "name": "20060207 QNX Neutrino RTOS phgrafx Command Buffer Overflow", + "refsource": "IDEFENSE", + "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=384" + }, + { + "name": "16539", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/16539" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5148.json b/2007/5xxx/CVE-2007-5148.json index 45a4c4d2f88..29e13d1b4f3 100644 --- a/2007/5xxx/CVE-2007-5148.json +++ b/2007/5xxx/CVE-2007-5148.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5148", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in FrontAccounting (FA) 1.12 allow remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter to (1) access/logout.php or certain PHP scripts under (2) admin/, (3) dimensions/, (4) gl/, (5) inventory/, (6) manufacturing/, (7) purchasing/, (8) reporting/, (9) sales/, or (10) taxes/. NOTE: the config.php vector is already covered by CVE-2007-4279, and the login.php and language.php vectors are already covered by CVE-2007-5117. NOTE: this issue is disputed by CVE because path_to_root is defined before use in all of the other files reported in the original disclosure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5148", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arfis.wordpress.com/2007/09/14/rfi-02-frontaccounting/", - "refsource" : "MISC", - "url" : "http://arfis.wordpress.com/2007/09/14/rfi-02-frontaccounting/" - }, - { - "name" : "45524", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45524" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** DISPUTED ** Multiple PHP remote file inclusion vulnerabilities in FrontAccounting (FA) 1.12 allow remote attackers to execute arbitrary PHP code via a URL in the path_to_root parameter to (1) access/logout.php or certain PHP scripts under (2) admin/, (3) dimensions/, (4) gl/, (5) inventory/, (6) manufacturing/, (7) purchasing/, (8) reporting/, (9) sales/, or (10) taxes/. NOTE: the config.php vector is already covered by CVE-2007-4279, and the login.php and language.php vectors are already covered by CVE-2007-5117. NOTE: this issue is disputed by CVE because path_to_root is defined before use in all of the other files reported in the original disclosure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://arfis.wordpress.com/2007/09/14/rfi-02-frontaccounting/", + "refsource": "MISC", + "url": "http://arfis.wordpress.com/2007/09/14/rfi-02-frontaccounting/" + }, + { + "name": "45524", + "refsource": "OSVDB", + "url": "http://osvdb.org/45524" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5789.json b/2007/5xxx/CVE-2007-5789.json index a35ce72ac3a..788db892b5d 100644 --- a/2007/5xxx/CVE-2007-5789.json +++ b/2007/5xxx/CVE-2007-5789.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5789", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a flood of fragmented packets to port 5060." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5789", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=362", - "refsource" : "MISC", - "url" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=362" - }, - { - "name" : "26349", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26349" - }, - { - "name" : "40186", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40186" - }, - { - "name" : "27401", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27401" - }, - { - "name" : "grandstream-adapter-packet-dos(37414)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37414" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Grandstream HT-488 0.1 allows remote attackers to cause a denial of service (device crash) via a flood of fragmented packets to port 5060." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27401", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27401" + }, + { + "name": "26349", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26349" + }, + { + "name": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=362", + "refsource": "MISC", + "url": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=362" + }, + { + "name": "grandstream-adapter-packet-dos(37414)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37414" + }, + { + "name": "40186", + "refsource": "OSVDB", + "url": "http://osvdb.org/40186" + } + ] + } +} \ No newline at end of file diff --git a/2009/2xxx/CVE-2009-2051.json b/2009/2xxx/CVE-2009-2051.json index 14285735b71..018ff76460b 100644 --- a/2009/2xxx/CVE-2009-2051.json +++ b/2009/2xxx/CVE-2009-2051.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2009-2051", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2009-2051", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml" - }, - { - "name" : "20100922 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities", - "refsource" : "CISCO", - "url" : "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a30f.shtml" - }, - { - "name" : "36152", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/36152" - }, - { - "name" : "57453", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/57453" - }, - { - "name" : "1022775", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1022775" - }, - { - "name" : "36498", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36498" - }, - { - "name" : "36499", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/36499" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "57453", + "refsource": "OSVDB", + "url": "http://osvdb.org/57453" + }, + { + "name": "36499", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36499" + }, + { + "name": "36152", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/36152" + }, + { + "name": "36498", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/36498" + }, + { + "name": "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml" + }, + { + "name": "20100922 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities", + "refsource": "CISCO", + "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a30f.shtml" + }, + { + "name": "1022775", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1022775" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0018.json b/2015/0xxx/CVE-2015-0018.json index cf8e394327c..21570eaeb50 100644 --- a/2015/0xxx/CVE-2015-0018.json +++ b/2015/0xxx/CVE-2015-0018.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0018", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-0037, CVE-2015-0040, and CVE-2015-0066." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-0018", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-009", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009" - }, - { - "name" : "72403", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72403" - }, - { - "name" : "1031723", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031723" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Internet Explorer Memory Corruption Vulnerability,\" a different vulnerability than CVE-2015-0037, CVE-2015-0040, and CVE-2015-0066." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1031723", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031723" + }, + { + "name": "MS15-009", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009" + }, + { + "name": "72403", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72403" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0071.json b/2015/0xxx/CVE-2015-0071.json index b41a068786d..5d48dd64237 100644 --- a/2015/0xxx/CVE-2015-0071.json +++ b/2015/0xxx/CVE-2015-0071.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0071", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka \"Internet Explorer ASLR Bypass Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-0071", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-009", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009" - }, - { - "name" : "72455", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72455" - }, - { - "name" : "1031723", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1031723" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka \"Internet Explorer ASLR Bypass Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1031723", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1031723" + }, + { + "name": "MS15-009", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009" + }, + { + "name": "72455", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72455" + } + ] + } +} \ No newline at end of file diff --git a/2015/0xxx/CVE-2015-0265.json b/2015/0xxx/CVE-2015-0265.json index b7712684f0b..385e7df1903 100644 --- a/2015/0xxx/CVE-2015-0265.json +++ b/2015/0xxx/CVE-2015-0265.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-0265", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Policy Admin Tool in Apache Ranger before 0.5.0 allows remote attackers to inject arbitrary web script or HTML via the HTTP User-Agent header." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2015-0265", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[ranger-dev] 20150805 CVEs fixed in Ranger 0.5", - "refsource" : "MLIST", - "url" : "https://mail-archives.apache.org/mod_mbox/ranger-dev/201508.mbox/%3CD1E7EC30.9D53F%25vel@apache.org%3E" - }, - { - "name" : "http://www.slideshare.net/wojdwo/big-problems-with-big-data-hadoop-interfaces-security", - "refsource" : "MISC", - "url" : "http://www.slideshare.net/wojdwo/big-problems-with-big-data-hadoop-interfaces-security" - }, - { - "name" : "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger", - "refsource" : "CONFIRM", - "url" : "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger" - }, - { - "name" : "76208", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76208" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Policy Admin Tool in Apache Ranger before 0.5.0 allows remote attackers to inject arbitrary web script or HTML via the HTTP User-Agent header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[ranger-dev] 20150805 CVEs fixed in Ranger 0.5", + "refsource": "MLIST", + "url": "https://mail-archives.apache.org/mod_mbox/ranger-dev/201508.mbox/%3CD1E7EC30.9D53F%25vel@apache.org%3E" + }, + { + "name": "http://www.slideshare.net/wojdwo/big-problems-with-big-data-hadoop-interfaces-security", + "refsource": "MISC", + "url": "http://www.slideshare.net/wojdwo/big-problems-with-big-data-hadoop-interfaces-security" + }, + { + "name": "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger", + "refsource": "CONFIRM", + "url": "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger" + }, + { + "name": "76208", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76208" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4324.json b/2015/4xxx/CVE-2015-4324.json index 1f5305d08f8..10367ee4479 100644 --- a/2015/4xxx/CVE-2015-4324.json +++ b/2015/4xxx/CVE-2015-4324.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4324", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-4324", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150817 Cisco NX-OS Internet Group Management Protocol Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/viewAlert.x?alertId=40470" - }, - { - "name" : "76372", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76372" - }, - { - "name" : "1033327", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033327" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 devices 7.3(0)ZN(0.81), Nexus 4000 devices 4.1(2)E1(1c), Nexus 7000 devices 7.2(0)N1(0.1), and Nexus 9000 devices 7.3(0)ZN(0.81) allows remote attackers to cause a denial of service (IGMP process restart) via a malformed IGMPv3 packet that is mishandled during memory allocation, aka Bug IDs CSCuv69713, CSCuv69717, CSCuv69723, CSCuv69732, and CSCuv48908." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033327", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033327" + }, + { + "name": "76372", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76372" + }, + { + "name": "20150817 Cisco NX-OS Internet Group Management Protocol Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=40470" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4700.json b/2015/4xxx/CVE-2015-4700.json index 6ddc27170da..a3e55a5cce1 100644 --- a/2015/4xxx/CVE-2015-4700.json +++ b/2015/4xxx/CVE-2015-4700.json @@ -1,182 +1,182 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4700", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4700", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150622 Re: CVE request: Linux kernel - bpf jit optimization flaw can panic kenrel.", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/06/23/2" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f7352bf21f8fd7ba3e2fcef9488756f188e12be", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f7352bf21f8fd7ba3e2fcef9488756f188e12be" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.6", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.6" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1233615", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1233615" - }, - { - "name" : "https://github.com/torvalds/linux/commit/3f7352bf21f8fd7ba3e2fcef9488756f188e12be", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/3f7352bf21f8fd7ba3e2fcef9488756f188e12be" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" - }, - { - "name" : "DSA-3329", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3329" - }, - { - "name" : "RHSA-2015:1778", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-1778.html" - }, - { - "name" : "SUSE-SU-2015:1478", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html" - }, - { - "name" : "SUSE-SU-2015:1592", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html" - }, - { - "name" : "SUSE-SU-2015:1611", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html" - }, - { - "name" : "SUSE-SU-2015:1224", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html" - }, - { - "name" : "SUSE-SU-2015:1490", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html" - }, - { - "name" : "openSUSE-SU-2015:1382", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html" - }, - { - "name" : "SUSE-SU-2015:1487", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html" - }, - { - "name" : "SUSE-SU-2015:1488", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html" - }, - { - "name" : "SUSE-SU-2015:1489", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html" - }, - { - "name" : "SUSE-SU-2015:1491", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html" - }, - { - "name" : "USN-2679-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2679-1" - }, - { - "name" : "USN-2680-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2680-1" - }, - { - "name" : "USN-2681-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2681-1" - }, - { - "name" : "USN-2683-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2683-1" - }, - { - "name" : "USN-2684-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2684-1" - }, - { - "name" : "75356", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75356" - }, - { - "name" : "1033046", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033046" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 allows local users to cause a denial of service (system crash) by creating a packet filter and then loading crafted BPF instructions that trigger late convergence by the JIT compiler." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/torvalds/linux/commit/3f7352bf21f8fd7ba3e2fcef9488756f188e12be", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/3f7352bf21f8fd7ba3e2fcef9488756f188e12be" + }, + { + "name": "SUSE-SU-2015:1491", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00011.html" + }, + { + "name": "SUSE-SU-2015:1489", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00009.html" + }, + { + "name": "[oss-security] 20150622 Re: CVE request: Linux kernel - bpf jit optimization flaw can panic kenrel.", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/06/23/2" + }, + { + "name": "SUSE-SU-2015:1488", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00008.html" + }, + { + "name": "USN-2680-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2680-1" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f7352bf21f8fd7ba3e2fcef9488756f188e12be", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=3f7352bf21f8fd7ba3e2fcef9488756f188e12be" + }, + { + "name": "USN-2679-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2679-1" + }, + { + "name": "SUSE-SU-2015:1611", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00021.html" + }, + { + "name": "RHSA-2015:1778", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-1778.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1233615", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1233615" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.6", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.6" + }, + { + "name": "1033046", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033046" + }, + { + "name": "DSA-3329", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3329" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" + }, + { + "name": "openSUSE-SU-2015:1382", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html" + }, + { + "name": "USN-2684-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2684-1" + }, + { + "name": "USN-2681-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2681-1" + }, + { + "name": "SUSE-SU-2015:1478", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00004.html" + }, + { + "name": "USN-2683-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2683-1" + }, + { + "name": "SUSE-SU-2015:1490", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00010.html" + }, + { + "name": "75356", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75356" + }, + { + "name": "SUSE-SU-2015:1224", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html" + }, + { + "name": "SUSE-SU-2015:1487", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00007.html" + }, + { + "name": "SUSE-SU-2015:1592", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00018.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4743.json b/2015/4xxx/CVE-2015-4743.json index ded95df0d64..4e44f7d5a4f 100644 --- a/2015/4xxx/CVE-2015-4743.json +++ b/2015/4xxx/CVE-2015-4743.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4743", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to AD Utilities." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-4743", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "1032926", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032926" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3 allows remote authenticated users to affect confidentiality via unknown vectors related to AD Utilities." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "1032926", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032926" + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4897.json b/2015/4xxx/CVE-2015-4897.json index d94cf0c874e..69f6bee9f77 100644 --- a/2015/4xxx/CVE-2015-4897.json +++ b/2015/4xxx/CVE-2015-4897.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4897", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-4897", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8019.json b/2015/8xxx/CVE-2015-8019.json index 9922ca3ffe6..1b001b69ef6 100644 --- a/2015/8xxx/CVE-2015-8019.json +++ b/2015/8xxx/CVE-2015-8019.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8019", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8019", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20151027 CVE Request: Linux kernel: Buffer overflow when copying data from skbuff to userspace", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/10/27/11" - }, - { - "name" : "http://patchwork.ozlabs.org/patch/530642/", - "refsource" : "MISC", - "url" : "http://patchwork.ozlabs.org/patch/530642/" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1276588", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1276588" - }, - { - "name" : "SUSE-SU-2016:1961", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html" - }, - { - "name" : "SUSE-SU-2016:1994", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html" - }, - { - "name" : "SUSE-SU-2016:1995", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html" - }, - { - "name" : "SUSE-SU-2016:2005", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html" - }, - { - "name" : "SUSE-SU-2016:2009", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html" - }, - { - "name" : "77326", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77326" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20151027 CVE Request: Linux kernel: Buffer overflow when copying data from skbuff to userspace", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/10/27/11" + }, + { + "name": "SUSE-SU-2016:1994", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html" + }, + { + "name": "SUSE-SU-2016:1961", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1276588", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1276588" + }, + { + "name": "SUSE-SU-2016:2009", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html" + }, + { + "name": "http://patchwork.ozlabs.org/patch/530642/", + "refsource": "MISC", + "url": "http://patchwork.ozlabs.org/patch/530642/" + }, + { + "name": "SUSE-SU-2016:2005", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html" + }, + { + "name": "77326", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77326" + }, + { + "name": "SUSE-SU-2016:1995", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8505.json b/2015/8xxx/CVE-2015-8505.json index 7c94ce68b10..9ecd49b3429 100644 --- a/2015/8xxx/CVE-2015-8505.json +++ b/2015/8xxx/CVE-2015-8505.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8505", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "mediaserver in Android before 5.1.1 LMY48Z allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 17769851, a different vulnerability than CVE-2015-6616, CVE-2015-8506, and CVE-2015-8507." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@android.com", + "ID": "CVE-2015-8505", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://source.android.com/security/bulletin/2015-12-01.html", - "refsource" : "CONFIRM", - "url" : "http://source.android.com/security/bulletin/2015-12-01.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "mediaserver in Android before 5.1.1 LMY48Z allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 17769851, a different vulnerability than CVE-2015-6616, CVE-2015-8506, and CVE-2015-8507." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://source.android.com/security/bulletin/2015-12-01.html", + "refsource": "CONFIRM", + "url": "http://source.android.com/security/bulletin/2015-12-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8733.json b/2015/8xxx/CVE-2015-8733.json index a4c4a11e38d..82280a1ade6 100644 --- a/2015/8xxx/CVE-2015-8733.json +++ b/2015/8xxx/CVE-2015-8733.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8733", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8733", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-51.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-51.html" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=53a3e53fce30523d11ab3df319fba7b75d63076f", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=53a3e53fce30523d11ab3df319fba7b75d63076f" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" - }, - { - "name" : "DSA-3505", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3505" - }, - { - "name" : "GLSA-201604-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-05" - }, - { - "name" : "79814", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79814" - }, - { - "name" : "1034551", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034551" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=53a3e53fce30523d11ab3df319fba7b75d63076f", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=53a3e53fce30523d11ab3df319fba7b75d63076f" + }, + { + "name": "DSA-3505", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3505" + }, + { + "name": "79814", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79814" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827" + }, + { + "name": "GLSA-201604-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-05" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-51.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-51.html" + }, + { + "name": "1034551", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034551" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8754.json b/2015/8xxx/CVE-2015-8754.json index bf59f1ecf1a..d0856ef6ad9 100644 --- a/2015/8xxx/CVE-2015-8754.json +++ b/2015/8xxx/CVE-2015-8754.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8754", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8754", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2627448", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2627448" - }, - { - "name" : "https://www.drupal.org/node/2626872", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2626872" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2627448", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2627448" + }, + { + "name": "https://www.drupal.org/node/2626872", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2626872" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5081.json b/2016/5xxx/CVE-2016-5081.json index efae9f2991f..4b5faf97020 100644 --- a/2016/5xxx/CVE-2016-5081.json +++ b/2016/5xxx/CVE-2016-5081.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5081", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote attackers to obtain access via a TELNET session." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-5081", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#301735", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/301735" - }, - { - "name" : "92449", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92449" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ZModo ZP-NE14-S and ZP-IBH-13W devices have a hardcoded root password, which makes it easier for remote attackers to obtain access via a TELNET session." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "92449", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92449" + }, + { + "name": "VU#301735", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/301735" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5391.json b/2016/5xxx/CVE-2016-5391.json index 53e33f01e66..4e3cd173f59 100644 --- a/2016/5xxx/CVE-2016-5391.json +++ b/2016/5xxx/CVE-2016-5391.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-5391", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-5391", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1356183", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1356183" - }, - { - "name" : "https://libreswan.org/security/CVE-2016-5391/CVE-2016-5391.txt", - "refsource" : "CONFIRM", - "url" : "https://libreswan.org/security/CVE-2016-5391/CVE-2016-5391.txt" - }, - { - "name" : "FEDORA-2016-26a03340e6", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKMS7R4TG6LTAGEBOWVUXF6LAWQXLNXV/" - }, - { - "name" : "FEDORA-2016-d46685629d", - "refsource" : "FEDORA", - "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65R6OA5AY7K2UBQUDOLOS5Y3SCULQI6I/" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2016-d46685629d", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/65R6OA5AY7K2UBQUDOLOS5Y3SCULQI6I/" + }, + { + "name": "FEDORA-2016-26a03340e6", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UKMS7R4TG6LTAGEBOWVUXF6LAWQXLNXV/" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1356183", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1356183" + }, + { + "name": "https://libreswan.org/security/CVE-2016-5391/CVE-2016-5391.txt", + "refsource": "CONFIRM", + "url": "https://libreswan.org/security/CVE-2016-5391/CVE-2016-5391.txt" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5677.json b/2016/5xxx/CVE-2016-5677.json index 0d11e2ced8a..f239895c126 100644 --- a/2016/5xxx/CVE-2016-5677.json +++ b/2016/5xxx/CVE-2016-5677.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-5677", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an __nvr_status___.php request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-5677", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40200", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40200/" - }, - { - "name" : "VU#856152", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/856152" - }, - { - "name" : "92318", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92318" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 have a hardcoded qwe23622260 password for the nuuoeng account, which allows remote attackers to obtain sensitive information via an __nvr_status___.php request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#856152", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/856152" + }, + { + "name": "92318", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92318" + }, + { + "name": "40200", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40200/" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5888.json b/2016/5xxx/CVE-2016-5888.json index 6155f1cd613..01c25b0476f 100644 --- a/2016/5xxx/CVE-2016-5888.json +++ b/2016/5xxx/CVE-2016-5888.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-5888", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Interact", - "version" : { - "version_data" : [ - { - "version_value" : "10.0, 8.6, 9.0, 9.1, 9.1.1, 9.1.2" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 115084." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-5888", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Interact", + "version": { + "version_data": [ + { + "version_value": "10.0, 8.6, 9.0, 9.1, 9.1.1, 9.1.2" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22002147", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22002147" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 115084." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22002147", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22002147" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2514.json b/2018/2xxx/CVE-2018-2514.json index 118ca5792f1..b319b5686a5 100644 --- a/2018/2xxx/CVE-2018-2514.json +++ b/2018/2xxx/CVE-2018-2514.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-2514", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-2514", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2593.json b/2018/2xxx/CVE-2018-2593.json index ad43cd427ec..cd7a1fdaf4e 100644 --- a/2018/2xxx/CVE-2018-2593.json +++ b/2018/2xxx/CVE-2018-2593.json @@ -1,81 +1,81 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2593", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "PeopleSoft Enterprise PT PeopleTools", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "8.54" - }, - { - "version_affected" : "=", - "version_value" : "8.55" - }, - { - "version_affected" : "=", - "version_value" : "8.56" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2593", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "PeopleSoft Enterprise PT PeopleTools", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "8.54" + }, + { + "version_affected": "=", + "version_value": "8.55" + }, + { + "version_affected": "=", + "version_value": "8.56" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" - }, - { - "name" : "102581", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/102581" - }, - { - "name" : "1040204", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1040204" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "102581", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/102581" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html" + }, + { + "name": "1040204", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1040204" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2919.json b/2018/2xxx/CVE-2018-2919.json index 8ffc45d9e0c..6b133253a4d 100644 --- a/2018/2xxx/CVE-2018-2919.json +++ b/2018/2xxx/CVE-2018-2919.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2919", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "PeopleSoft Enterprise PT PeopleTools", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "8.55" - }, - { - "version_affected" : "=", - "version_value" : "8.56" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Unified Navigation). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2919", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "PeopleSoft Enterprise PT PeopleTools", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "8.55" + }, + { + "version_affected": "=", + "version_value": "8.56" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" - }, - { - "name" : "104824", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/104824" - }, - { - "name" : "1041306", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1041306" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Unified Navigation). Supported versions that are affected are 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html" + }, + { + "name": "104824", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/104824" + }, + { + "name": "1041306", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041306" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6742.json b/2018/6xxx/CVE-2018-6742.json index 7f1430520c5..3f3bdaba680 100644 --- a/2018/6xxx/CVE-2018-6742.json +++ b/2018/6xxx/CVE-2018-6742.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6742", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6742", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6894.json b/2018/6xxx/CVE-2018-6894.json index 886e0681465..d64c6c9a004 100644 --- a/2018/6xxx/CVE-2018-6894.json +++ b/2018/6xxx/CVE-2018-6894.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6894", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6894", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6926.json b/2018/6xxx/CVE-2018-6926.json index 078c5c71f90..c8e7b1838de 100644 --- a/2018/6xxx/CVE-2018-6926.json +++ b/2018/6xxx/CVE-2018-6926.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6926", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), and consequently allowed site admins to inject arbitrary OS commands. The impact is limited by the setting being only accessible to the site administrator." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6926", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/MISP/MISP/commit/0a2aa9d52492d960b9a161160acedbe9caaa4126", - "refsource" : "CONFIRM", - "url" : "https://github.com/MISP/MISP/commit/0a2aa9d52492d960b9a161160acedbe9caaa4126" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), and consequently allowed site admins to inject arbitrary OS commands. The impact is limited by the setting being only accessible to the site administrator." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/MISP/MISP/commit/0a2aa9d52492d960b9a161160acedbe9caaa4126", + "refsource": "CONFIRM", + "url": "https://github.com/MISP/MISP/commit/0a2aa9d52492d960b9a161160acedbe9caaa4126" + } + ] + } +} \ No newline at end of file diff --git a/2018/6xxx/CVE-2018-6933.json b/2018/6xxx/CVE-2018-6933.json index 80a17516a28..394f6a3d3f0 100644 --- a/2018/6xxx/CVE-2018-6933.json +++ b/2018/6xxx/CVE-2018-6933.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-6933", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-6933", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7421.json b/2018/7xxx/CVE-2018-7421.json index 5e48562365c..2113207b5f0 100644 --- a/2018/7xxx/CVE-2018-7421.json +++ b/2018/7xxx/CVE-2018-7421.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2018-7421", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dmp.c by correctly supporting a bounded number of Security Categories for a DMP Security Classification." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2018-7421", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14408", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14408" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=656812ee1f2a8ddfd383b02a066e888f5919e17a", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=656812ee1f2a8ddfd383b02a066e888f5919e17a" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e8be5adae469ba563acfad2c2b98673e1afaf901", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e8be5adae469ba563acfad2c2b98673e1afaf901" - }, - { - "name" : "https://www.wireshark.org/security/wnpa-sec-2018-06.html", - "refsource" : "CONFIRM", - "url" : "https://www.wireshark.org/security/wnpa-sec-2018-06.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dmp.c by correctly supporting a bounded number of Security Categories for a DMP Security Classification." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=656812ee1f2a8ddfd383b02a066e888f5919e17a", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=656812ee1f2a8ddfd383b02a066e888f5919e17a" + }, + { + "name": "https://www.wireshark.org/security/wnpa-sec-2018-06.html", + "refsource": "CONFIRM", + "url": "https://www.wireshark.org/security/wnpa-sec-2018-06.html" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e8be5adae469ba563acfad2c2b98673e1afaf901", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e8be5adae469ba563acfad2c2b98673e1afaf901" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14408", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14408" + } + ] + } +} \ No newline at end of file diff --git a/2018/7xxx/CVE-2018-7502.json b/2018/7xxx/CVE-2018-7502.json index 691a6d221a9..81da6a4857d 100644 --- a/2018/7xxx/CVE-2018-7502.json +++ b/2018/7xxx/CVE-2018-7502.json @@ -1,78 +1,78 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "DATE_PUBLIC" : "2018-03-22T00:00:00", - "ID" : "CVE-2018-7502", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Beckhoff TwinCAT PLC products", - "version" : { - "version_data" : [ - { - "version_value" : "TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, TwinCAT 3.1" - } - ] - } - } - ] - }, - "vendor_name" : "ICS-CERT" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Untrusted Pointer Dereference CWE-822" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2018-03-22T00:00:00", + "ID": "CVE-2018-7502", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Beckhoff TwinCAT PLC products", + "version": { + "version_data": [ + { + "version_value": "TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, TwinCAT 3.1" + } + ] + } + } + ] + }, + "vendor_name": "ICS-CERT" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://srcincite.io/advisories/src-2018-0007/", - "refsource" : "MISC", - "url" : "https://srcincite.io/advisories/src-2018-0007/" - }, - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-081-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-081-02" - }, - { - "name" : "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2018-001.pdf", - "refsource" : "CONFIRM", - "url" : "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2018-001.pdf" - }, - { - "name" : "103487", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103487" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Untrusted Pointer Dereference CWE-822" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://srcincite.io/advisories/src-2018-0007/", + "refsource": "MISC", + "url": "https://srcincite.io/advisories/src-2018-0007/" + }, + { + "name": "103487", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103487" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-081-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-081-02" + }, + { + "name": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2018-001.pdf", + "refsource": "CONFIRM", + "url": "https://download.beckhoff.com/download/Document/product-security/Advisories/advisory-2018-001.pdf" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1043.json b/2019/1xxx/CVE-2019-1043.json index d8fdee306d8..017cf29a39c 100644 --- a/2019/1xxx/CVE-2019-1043.json +++ b/2019/1xxx/CVE-2019-1043.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1043", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1043", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1288.json b/2019/1xxx/CVE-2019-1288.json index 2a97d24f509..b272499c7ee 100644 --- a/2019/1xxx/CVE-2019-1288.json +++ b/2019/1xxx/CVE-2019-1288.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1288", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1288", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1337.json b/2019/1xxx/CVE-2019-1337.json index 7767323422c..3f669e6133f 100644 --- a/2019/1xxx/CVE-2019-1337.json +++ b/2019/1xxx/CVE-2019-1337.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1337", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1337", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1374.json b/2019/1xxx/CVE-2019-1374.json index 31c518efabe..3abc1c57e7e 100644 --- a/2019/1xxx/CVE-2019-1374.json +++ b/2019/1xxx/CVE-2019-1374.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1374", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1374", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1739.json b/2019/1xxx/CVE-2019-1739.json index 02e40b6101b..a67ec2253e4 100644 --- a/2019/1xxx/CVE-2019-1739.json +++ b/2019/1xxx/CVE-2019-1739.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1739", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1739", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5228.json b/2019/5xxx/CVE-2019-5228.json index 90381c5a5f3..77b3824afda 100644 --- a/2019/5xxx/CVE-2019-5228.json +++ b/2019/5xxx/CVE-2019-5228.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5228", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5228", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5388.json b/2019/5xxx/CVE-2019-5388.json index 4a603c9ebd0..09911932c48 100644 --- a/2019/5xxx/CVE-2019-5388.json +++ b/2019/5xxx/CVE-2019-5388.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5388", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5388", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5390.json b/2019/5xxx/CVE-2019-5390.json index 67b64447a83..8955ffa0727 100644 --- a/2019/5xxx/CVE-2019-5390.json +++ b/2019/5xxx/CVE-2019-5390.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5390", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5390", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5733.json b/2019/5xxx/CVE-2019-5733.json index 2c3d99ad2c4..665f9717323 100644 --- a/2019/5xxx/CVE-2019-5733.json +++ b/2019/5xxx/CVE-2019-5733.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5733", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5733", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file