From f6366de0300c22ba6a8b1706220a57f57053d1f6 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 00:19:54 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2006/5xxx/CVE-2006-5192.json | 150 +++++++-------- 2007/2xxx/CVE-2007-2235.json | 190 +++++++++---------- 2007/2xxx/CVE-2007-2333.json | 170 ++++++++--------- 2007/2xxx/CVE-2007-2469.json | 160 ++++++++-------- 2007/2xxx/CVE-2007-2505.json | 180 +++++++++--------- 2007/2xxx/CVE-2007-2530.json | 170 ++++++++--------- 2007/3xxx/CVE-2007-3291.json | 160 ++++++++-------- 2007/3xxx/CVE-2007-3529.json | 150 +++++++-------- 2007/3xxx/CVE-2007-3701.json | 210 ++++++++++----------- 2007/4xxx/CVE-2007-4972.json | 160 ++++++++-------- 2007/6xxx/CVE-2007-6008.json | 120 ++++++------ 2007/6xxx/CVE-2007-6695.json | 150 +++++++-------- 2010/0xxx/CVE-2010-0310.json | 170 ++++++++--------- 2010/0xxx/CVE-2010-0863.json | 150 +++++++-------- 2010/1xxx/CVE-2010-1953.json | 150 +++++++-------- 2010/5xxx/CVE-2010-5006.json | 150 +++++++-------- 2010/5xxx/CVE-2010-5117.json | 34 ++-- 2014/0xxx/CVE-2014-0111.json | 140 +++++++------- 2014/0xxx/CVE-2014-0342.json | 150 +++++++-------- 2014/0xxx/CVE-2014-0461.json | 320 ++++++++++++++++---------------- 2014/0xxx/CVE-2014-0878.json | 330 ++++++++++++++++----------------- 2014/1xxx/CVE-2014-1428.json | 34 ++-- 2014/5xxx/CVE-2014-5762.json | 140 +++++++------- 2015/2xxx/CVE-2015-2215.json | 130 ++++++------- 2015/2xxx/CVE-2015-2465.json | 130 ++++++------- 2015/2xxx/CVE-2015-2642.json | 130 ++++++------- 2015/2xxx/CVE-2015-2788.json | 170 ++++++++--------- 2016/10xxx/CVE-2016-10403.json | 132 ++++++------- 2016/10xxx/CVE-2016-10488.json | 34 ++-- 2016/3xxx/CVE-2016-3136.json | 330 ++++++++++++++++----------------- 2016/4xxx/CVE-2016-4213.json | 140 +++++++------- 2016/4xxx/CVE-2016-4746.json | 160 ++++++++-------- 2016/4xxx/CVE-2016-4812.json | 140 +++++++------- 2016/8xxx/CVE-2016-8530.json | 132 ++++++------- 2016/8xxx/CVE-2016-8966.json | 130 ++++++------- 2016/9xxx/CVE-2016-9482.json | 166 ++++++++--------- 2016/9xxx/CVE-2016-9847.json | 140 +++++++------- 2016/9xxx/CVE-2016-9862.json | 140 +++++++------- 2019/2xxx/CVE-2019-2054.json | 34 ++-- 2019/2xxx/CVE-2019-2651.json | 34 ++-- 2019/2xxx/CVE-2019-2822.json | 34 ++-- 2019/6xxx/CVE-2019-6108.json | 34 ++-- 2019/6xxx/CVE-2019-6127.json | 120 ++++++------ 2019/6xxx/CVE-2019-6377.json | 34 ++-- 2019/6xxx/CVE-2019-6534.json | 34 ++-- 2019/6xxx/CVE-2019-6544.json | 34 ++-- 2019/7xxx/CVE-2019-7492.json | 34 ++-- 2019/7xxx/CVE-2019-7605.json | 34 ++-- 2019/7xxx/CVE-2019-7749.json | 34 ++-- 49 files changed, 3201 insertions(+), 3201 deletions(-) diff --git a/2006/5xxx/CVE-2006-5192.json b/2006/5xxx/CVE-2006-5192.json index 70905956ea2..84e3f2d4626 100644 --- a/2006/5xxx/CVE-2006-5192.json +++ b/2006/5xxx/CVE-2006-5192.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2006-5192", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in includes/footer.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHPGREETZ_INCLUDE_DIR parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2006-5192", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "2476", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/2476/" - }, - { - "name" : "20352", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/20352" - }, - { - "name" : "ADV-2006-3915", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2006/3915" - }, - { - "name" : "phpgreetz-footer-file-include(29346)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/29346" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in includes/footer.php in phpGreetz 0.99 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the PHPGREETZ_INCLUDE_DIR parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20352", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/20352" + }, + { + "name": "ADV-2006-3915", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2006/3915" + }, + { + "name": "phpgreetz-footer-file-include(29346)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29346" + }, + { + "name": "2476", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/2476/" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2235.json b/2007/2xxx/CVE-2007-2235.json index a65de57e2e6..6ab2b7abc4c 100644 --- a/2007/2xxx/CVE-2007-2235.json +++ b/2007/2xxx/CVE-2007-2235.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2235", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Referer HTTP header to misc.php or the (2) category name when deleting a category in admin_categories.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2235", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070411 PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/465400/100/100/threaded" - }, - { - "name" : "20070411 PunBB <= 1.2.14 Remote Code Execution (Exploit)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/465338/100/100/threaded" - }, - { - "name" : "http://www.acid-root.new.fr/advisories/13070411.txt", - "refsource" : "MISC", - "url" : "http://www.acid-root.new.fr/advisories/13070411.txt" - }, - { - "name" : "http://dev.punbb.org/changeset/934", - "refsource" : "CONFIRM", - "url" : "http://dev.punbb.org/changeset/934" - }, - { - "name" : "http://dev.punbb.org/changeset/938", - "refsource" : "CONFIRM", - "url" : "http://dev.punbb.org/changeset/938" - }, - { - "name" : "ADV-2007-1362", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1362" - }, - { - "name" : "24843", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24843" - }, - { - "name" : "2613", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2613" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in PunBB 1.2.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Referer HTTP header to misc.php or the (2) category name when deleting a category in admin_categories.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070411 PunBB <= 1.2.14 Remote Code Execution (Exploit)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/465338/100/100/threaded" + }, + { + "name": "http://dev.punbb.org/changeset/938", + "refsource": "CONFIRM", + "url": "http://dev.punbb.org/changeset/938" + }, + { + "name": "http://dev.punbb.org/changeset/934", + "refsource": "CONFIRM", + "url": "http://dev.punbb.org/changeset/934" + }, + { + "name": "http://www.acid-root.new.fr/advisories/13070411.txt", + "refsource": "MISC", + "url": "http://www.acid-root.new.fr/advisories/13070411.txt" + }, + { + "name": "24843", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24843" + }, + { + "name": "2613", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2613" + }, + { + "name": "ADV-2007-1362", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1362" + }, + { + "name": "20070411 PunBB <= 1.2.14 Multiple Vulnerabilities (Advisory)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/465400/100/100/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2333.json b/2007/2xxx/CVE-2007-2333.json index 9a0869d22c9..011ed14e395 100644 --- a/2007/2xxx/CVE-2007-2333.json +++ b/2007/2xxx/CVE-2007-2333.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2333", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2333", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null", - "refsource" : "CONFIRM", - "url" : "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null" - }, - { - "name" : "23562", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23562" - }, - { - "name" : "ADV-2007-1464", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1464" - }, - { - "name" : "35055", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35055" - }, - { - "name" : "1017943", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1017943" - }, - { - "name" : "24962", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24962" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1017943", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1017943" + }, + { + "name": "23562", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23562" + }, + { + "name": "24962", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24962" + }, + { + "name": "35055", + "refsource": "OSVDB", + "url": "http://osvdb.org/35055" + }, + { + "name": "ADV-2007-1464", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1464" + }, + { + "name": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null", + "refsource": "CONFIRM", + "url": "http://www130.nortelnetworks.com/go/main.jsp?cscat=BLTNDETAIL&DocumentOID=567877&RenditionID=&poid=null" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2469.json b/2007/2xxx/CVE-2007-2469.json index 58fcdbaf994..329107199c9 100644 --- a/2007/2xxx/CVE-2007-2469.json +++ b/2007/2xxx/CVE-2007-2469.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2469", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in index.php in FileRun 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2469", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://pridels0.blogspot.com/2007/05/filerun-vuln.html", - "refsource" : "MISC", - "url" : "http://pridels0.blogspot.com/2007/05/filerun-vuln.html" - }, - { - "name" : "23752", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23752" - }, - { - "name" : "ADV-2007-1627", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1627" - }, - { - "name" : "25075", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25075" - }, - { - "name" : "filerun-index-sql-injection(34006)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34006" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in index.php in FileRun 1.0 and earlier allows remote attackers to execute arbitrary SQL commands via the fid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "filerun-index-sql-injection(34006)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34006" + }, + { + "name": "25075", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25075" + }, + { + "name": "ADV-2007-1627", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1627" + }, + { + "name": "http://pridels0.blogspot.com/2007/05/filerun-vuln.html", + "refsource": "MISC", + "url": "http://pridels0.blogspot.com/2007/05/filerun-vuln.html" + }, + { + "name": "23752", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23752" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2505.json b/2007/2xxx/CVE-2007-2505.json index 2857127e500..717c6035443 100644 --- a/2007/2xxx/CVE-2007-2505.json +++ b/2007/2xxx/CVE-2007-2505.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2505", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in InterVations MailCOPA 8.01 20070323 allows user-assisted remote attackers to execute arbitrary code via a long command line argument, as demonstrated by a long string in the subject field in a mailto URI. NOTE: some of these details are obtained from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2505", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070502 Vulnerability in InterVations' MailCopa", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/467372/100/0/threaded" - }, - { - "name" : "http://www.skilltube.com/index.php?option=com_content&task=view&id=24&Itemid=37", - "refsource" : "MISC", - "url" : "http://www.skilltube.com/index.php?option=com_content&task=view&id=24&Itemid=37" - }, - { - "name" : "23767", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23767" - }, - { - "name" : "ADV-2007-1652", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1652" - }, - { - "name" : "35546", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35546" - }, - { - "name" : "25125", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25125" - }, - { - "name" : "mailcopa-commandline-bo(34052)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34052" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in InterVations MailCOPA 8.01 20070323 allows user-assisted remote attackers to execute arbitrary code via a long command line argument, as demonstrated by a long string in the subject field in a mailto URI. NOTE: some of these details are obtained from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23767", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23767" + }, + { + "name": "http://www.skilltube.com/index.php?option=com_content&task=view&id=24&Itemid=37", + "refsource": "MISC", + "url": "http://www.skilltube.com/index.php?option=com_content&task=view&id=24&Itemid=37" + }, + { + "name": "ADV-2007-1652", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1652" + }, + { + "name": "mailcopa-commandline-bo(34052)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34052" + }, + { + "name": "25125", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25125" + }, + { + "name": "20070502 Vulnerability in InterVations' MailCopa", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/467372/100/0/threaded" + }, + { + "name": "35546", + "refsource": "OSVDB", + "url": "http://osvdb.org/35546" + } + ] + } +} \ No newline at end of file diff --git a/2007/2xxx/CVE-2007-2530.json b/2007/2xxx/CVE-2007-2530.json index bbd031d4640..4f572af4bd5 100644 --- a/2007/2xxx/CVE-2007-2530.json +++ b/2007/2xxx/CVE-2007-2530.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-2530", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in Tropicalm Crowell Resource 4.5.2 allow remote attackers to execute arbitrary PHP code via a URL in the RESPATH parameter to (1) dosearch.php or (2) printfriendly.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-2530", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3865", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3865" - }, - { - "name" : "ADV-2007-1680", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1680" - }, - { - "name" : "35823", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35823" - }, - { - "name" : "35824", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35824" - }, - { - "name" : "25179", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25179" - }, - { - "name" : "tropicalm-respath-file-include(34113)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34113" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in Tropicalm Crowell Resource 4.5.2 allow remote attackers to execute arbitrary PHP code via a URL in the RESPATH parameter to (1) dosearch.php or (2) printfriendly.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "tropicalm-respath-file-include(34113)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34113" + }, + { + "name": "35824", + "refsource": "OSVDB", + "url": "http://osvdb.org/35824" + }, + { + "name": "25179", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25179" + }, + { + "name": "ADV-2007-1680", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1680" + }, + { + "name": "3865", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3865" + }, + { + "name": "35823", + "refsource": "OSVDB", + "url": "http://osvdb.org/35823" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3291.json b/2007/3xxx/CVE-2007-3291.json index 81ce027b465..8850e6f1a0a 100644 --- a/2007/3xxx/CVE-2007-3291.json +++ b/2007/3xxx/CVE-2007-3291.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3291", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in LiveCMS 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via an article name, possibly involving the titulo parameter in article.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3291", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4082", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4082" - }, - { - "name" : "24580", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24580" - }, - { - "name" : "37491", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37491" - }, - { - "name" : "25744", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25744" - }, - { - "name" : "livecms-articlename-xss(35148)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35148" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in LiveCMS 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via an article name, possibly involving the titulo parameter in article.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24580", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24580" + }, + { + "name": "livecms-articlename-xss(35148)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35148" + }, + { + "name": "37491", + "refsource": "OSVDB", + "url": "http://osvdb.org/37491" + }, + { + "name": "4082", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4082" + }, + { + "name": "25744", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25744" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3529.json b/2007/3xxx/CVE-2007-3529.json index c78ae39ce3a..1984cd7d470 100644 --- a/2007/3xxx/CVE-2007-3529.json +++ b/2007/3xxx/CVE-2007-3529.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3529", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "videos.php in PHPDirector 0.21 and earlier allows remote attackers to obtain sensitive information via an empty value of the id[] parameter, which reveals the path in an error message." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3529", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070702 PHPDirector <= 0.21 (SQL injection/Upload SHELL) Remote Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/472661/100/0/threaded" - }, - { - "name" : "4139", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/4139" - }, - { - "name" : "39717", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39717" - }, - { - "name" : "phpdirector-videos-information-disclosure(35221)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35221" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "videos.php in PHPDirector 0.21 and earlier allows remote attackers to obtain sensitive information via an empty value of the id[] parameter, which reveals the path in an error message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070702 PHPDirector <= 0.21 (SQL injection/Upload SHELL) Remote Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/472661/100/0/threaded" + }, + { + "name": "phpdirector-videos-information-disclosure(35221)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35221" + }, + { + "name": "39717", + "refsource": "OSVDB", + "url": "http://osvdb.org/39717" + }, + { + "name": "4139", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/4139" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3701.json b/2007/3xxx/CVE-2007-3701.json index 32552bf7a59..f573e051b6c 100644 --- a/2007/3xxx/CVE-2007-3701.json +++ b/2007/3xxx/CVE-2007-3701.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3701", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3701", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070710 TippingPoint IPS Signature Evasion", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/473311/100/0/threaded" - }, - { - "name" : "20070710 TippingPoint IPS Signature Evasion", - "refsource" : "FULLDISC", - "url" : "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064550.html" - }, - { - "name" : "http://security-assessment.com/files/advisories/2007-07-11_Tippingpoint_IPS_Signature_Evasion.pdf", - "refsource" : "MISC", - "url" : "http://security-assessment.com/files/advisories/2007-07-11_Tippingpoint_IPS_Signature_Evasion.pdf" - }, - { - "name" : "http://www.3com.com/securityalert/alerts/3COM-07-003.html", - "refsource" : "CONFIRM", - "url" : "http://www.3com.com/securityalert/alerts/3COM-07-003.html" - }, - { - "name" : "24855", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24855" - }, - { - "name" : "35970", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/35970" - }, - { - "name" : "ADV-2007-2490", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2490" - }, - { - "name" : "1018361", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018361" - }, - { - "name" : "26013", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26013" - }, - { - "name" : "tippingpoint-hex-security-byass(35336)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35336" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "TippingPoint IPS before 20070710 does not properly handle a hex-encoded alternate Unicode '/' (slash) character, which might allow remote attackers to send certain network traffic and avoid detection, as demonstrated by a cmd.exe attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24855", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24855" + }, + { + "name": "26013", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26013" + }, + { + "name": "1018361", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018361" + }, + { + "name": "http://www.3com.com/securityalert/alerts/3COM-07-003.html", + "refsource": "CONFIRM", + "url": "http://www.3com.com/securityalert/alerts/3COM-07-003.html" + }, + { + "name": "http://security-assessment.com/files/advisories/2007-07-11_Tippingpoint_IPS_Signature_Evasion.pdf", + "refsource": "MISC", + "url": "http://security-assessment.com/files/advisories/2007-07-11_Tippingpoint_IPS_Signature_Evasion.pdf" + }, + { + "name": "20070710 TippingPoint IPS Signature Evasion", + "refsource": "FULLDISC", + "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-July/064550.html" + }, + { + "name": "ADV-2007-2490", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2490" + }, + { + "name": "20070710 TippingPoint IPS Signature Evasion", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/473311/100/0/threaded" + }, + { + "name": "tippingpoint-hex-security-byass(35336)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35336" + }, + { + "name": "35970", + "refsource": "OSVDB", + "url": "http://osvdb.org/35970" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4972.json b/2007/4xxx/CVE-2007-4972.json index 52f4632e031..a28425fd597 100644 --- a/2007/4xxx/CVE-2007-4972.json +++ b/2007/4xxx/CVE-2007-4972.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4972", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "RegMon 7.04 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks to the (1) NtCreateKey and (2) NtOpenKey Windows Native API functions." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4972", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070918 Plague in (security) software drivers & BSDOhook utility", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/479830/100/0/threaded" - }, - { - "name" : "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php", - "refsource" : "MISC", - "url" : "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php" - }, - { - "name" : "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php", - "refsource" : "MISC", - "url" : "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php" - }, - { - "name" : "25721", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25721" - }, - { - "name" : "45957", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45957" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "RegMon 7.04 does not properly validate certain parameters to System Service Descriptor Table (SSDT) function handlers, which allows local users to cause a denial of service (crash) and possibly gain privileges via kernel SSDT hooks to the (1) NtCreateKey and (2) NtOpenKey Windows Native API functions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php", + "refsource": "MISC", + "url": "http://www.matousec.com/info/advisories/plague-in-security-software-drivers.php" + }, + { + "name": "45957", + "refsource": "OSVDB", + "url": "http://osvdb.org/45957" + }, + { + "name": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php", + "refsource": "MISC", + "url": "http://www.matousec.com/projects/windows-personal-firewall-analysis/plague-in-security-software-drivers.php" + }, + { + "name": "25721", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25721" + }, + { + "name": "20070918 Plague in (security) software drivers & BSDOhook utility", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/479830/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6008.json b/2007/6xxx/CVE-2007-6008.json index ec2d9e50364..e98db7b63f6 100644 --- a/2007/6xxx/CVE-2007-6008.json +++ b/2007/6xxx/CVE-2007-6008.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6008", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK allows remote attackers to execute arbitrary code via a long Content-Type header line in an EML file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6008", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "27304", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27304" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK allows remote attackers to execute arbitrary code via a long Content-Type header line in an EML file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27304", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27304" + } + ] + } +} \ No newline at end of file diff --git a/2007/6xxx/CVE-2007-6695.json b/2007/6xxx/CVE-2007-6695.json index 8528f6947f8..2ad7fe6ff69 100644 --- a/2007/6xxx/CVE-2007-6695.json +++ b/2007/6xxx/CVE-2007-6695.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-6695", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in index.php in Drake CMS 0.4.9 allows remote attackers to inject arbitrary web script or HTML via the option parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-6695", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.digitrustgroup.com/advisories/web-application-security-drake_cms.html", - "refsource" : "MISC", - "url" : "http://www.digitrustgroup.com/advisories/web-application-security-drake_cms.html" - }, - { - "name" : "27459", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/27459" - }, - { - "name" : "41199", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41199" - }, - { - "name" : "drakecms-index-xss(39976)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/39976" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in index.php in Drake CMS 0.4.9 allows remote attackers to inject arbitrary web script or HTML via the option parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "41199", + "refsource": "OSVDB", + "url": "http://osvdb.org/41199" + }, + { + "name": "27459", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/27459" + }, + { + "name": "http://www.digitrustgroup.com/advisories/web-application-security-drake_cms.html", + "refsource": "MISC", + "url": "http://www.digitrustgroup.com/advisories/web-application-security-drake_cms.html" + }, + { + "name": "drakecms-index-xss(39976)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39976" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0310.json b/2010/0xxx/CVE-2010-0310.json index 2cda29efbfe..97c4507aa41 100644 --- a/2010/0xxx/CVE-2010-0310.json +++ b/2010/0xxx/CVE-2010-0310.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0310", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Trusted Extensions in Sun Solaris 10 allows local users to gain privileges via vectors related to omission of unspecified libraries from software updates." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-0310", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143502-01-1", - "refsource" : "CONFIRM", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143502-01-1" - }, - { - "name" : "275410", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275410-1" - }, - { - "name" : "37754", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/37754" - }, - { - "name" : "oval:org.mitre.oval:def:8444", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8444" - }, - { - "name" : "1023448", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1023448" - }, - { - "name" : "38129", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/38129" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Trusted Extensions in Sun Solaris 10 allows local users to gain privileges via vectors related to omission of unspecified libraries from software updates." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "275410", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275410-1" + }, + { + "name": "oval:org.mitre.oval:def:8444", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8444" + }, + { + "name": "38129", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/38129" + }, + { + "name": "1023448", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1023448" + }, + { + "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143502-01-1", + "refsource": "CONFIRM", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-143502-01-1" + }, + { + "name": "37754", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/37754" + } + ] + } +} \ No newline at end of file diff --git a/2010/0xxx/CVE-2010-0863.json b/2010/0xxx/CVE-2010-0863.json index 5ed4a23f975..42e5dbe66ef 100644 --- a/2010/0xxx/CVE-2010-0863.json +++ b/2010/0xxx/CVE-2010-0863.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-0863", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Retail - Oracle Retail Plan In-Season component in Oracle Industry Product Suite 12.2 allows remote attackers to affect integrity via unknown vectors related to Online Help." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2010-0863", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html" - }, - { - "name" : "TA10-103B", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA10-103B.html" - }, - { - "name" : "1023872", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1023872" - }, - { - "name" : "oipsr-rplanis-unspecified(57744)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/57744" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Retail - Oracle Retail Plan In-Season component in Oracle Industry Product Suite 12.2 allows remote attackers to affect integrity via unknown vectors related to Online Help." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "TA10-103B", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA10-103B.html" + }, + { + "name": "oipsr-rplanis-unspecified(57744)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57744" + }, + { + "name": "1023872", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1023872" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2010-099504.html" + } + ] + } +} \ No newline at end of file diff --git a/2010/1xxx/CVE-2010-1953.json b/2010/1xxx/CVE-2010-1953.json index 8e65e0d2efc..c44e953036f 100644 --- a/2010/1xxx/CVE-2010-1953.json +++ b/2010/1xxx/CVE-2010-1953.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-1953", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-1953", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "12288", - "refsource" : "EXPLOIT-DB", - "url" : "http://www.exploit-db.com/exploits/12288" - }, - { - "name" : "39551", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/39551" - }, - { - "name" : "39530", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/39530" - }, - { - "name" : "ADV-2010-0927", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/0927" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39551", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/39551" + }, + { + "name": "12288", + "refsource": "EXPLOIT-DB", + "url": "http://www.exploit-db.com/exploits/12288" + }, + { + "name": "39530", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/39530" + }, + { + "name": "ADV-2010-0927", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/0927" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5006.json b/2010/5xxx/CVE-2010-5006.json index a032e5eeada..c17d28aff3b 100644 --- a/2010/5xxx/CVE-2010-5006.json +++ b/2010/5xxx/CVE-2010-5006.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5006", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2010-5006", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.org/1006-exploits/emorealtymanager-sql.txt", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.org/1006-exploits/emorealtymanager-sql.txt" - }, - { - "name" : "40625", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/40625" - }, - { - "name" : "8505", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/8505" - }, - { - "name" : "ADV-2010-1404", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2010/1404" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in googlemap/index.php in EMO Realty Manager allows remote attackers to execute arbitrary SQL commands via the cat1 parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "40625", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/40625" + }, + { + "name": "http://packetstormsecurity.org/1006-exploits/emorealtymanager-sql.txt", + "refsource": "MISC", + "url": "http://packetstormsecurity.org/1006-exploits/emorealtymanager-sql.txt" + }, + { + "name": "ADV-2010-1404", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2010/1404" + }, + { + "name": "8505", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/8505" + } + ] + } +} \ No newline at end of file diff --git a/2010/5xxx/CVE-2010-5117.json b/2010/5xxx/CVE-2010-5117.json index d706e3a7ce9..74a75b19ac7 100644 --- a/2010/5xxx/CVE-2010-5117.json +++ b/2010/5xxx/CVE-2010-5117.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2010-5117", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2010-5117", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0111.json b/2014/0xxx/CVE-2014-0111.json index 1f0ef629c0f..50a078d87a4 100644 --- a/2014/0xxx/CVE-2014-0111.json +++ b/2014/0xxx/CVE-2014-0111.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0111", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, \"derived schema definition,\" \"user / role templates,\" and \"account links of resource mappings.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-0111", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20140415 [SECURITY] CVE-2014-0111 Apache Syncope", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/531841/100/0/threaded" - }, - { - "name" : "[www-announce] 20140415 [SECURITY] CVE-2014-0111 Apache Syncope", - "refsource" : "MLIST", - "url" : "http://mail-archives.us.apache.org/mod_mbox/www-announce/201404.mbox/%3C534CE273.9020601@apache.org%3E" - }, - { - "name" : "http://syncope.apache.org/security.html", - "refsource" : "CONFIRM", - "url" : "http://syncope.apache.org/security.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apache Syncope 1.0.0 before 1.0.9 and 1.1.0 before 1.1.7 allows remote administrators to execute arbitrary Java code via vectors related to Apache Commons JEXL expressions, \"derived schema definition,\" \"user / role templates,\" and \"account links of resource mappings.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[www-announce] 20140415 [SECURITY] CVE-2014-0111 Apache Syncope", + "refsource": "MLIST", + "url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201404.mbox/%3C534CE273.9020601@apache.org%3E" + }, + { + "name": "http://syncope.apache.org/security.html", + "refsource": "CONFIRM", + "url": "http://syncope.apache.org/security.html" + }, + { + "name": "20140415 [SECURITY] CVE-2014-0111 Apache Syncope", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/531841/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0342.json b/2014/0xxx/CVE-2014-0342.json index 5e4356c33b7..1c67f4e377a 100644 --- a/2014/0xxx/CVE-2014-0342.json +++ b/2014/0xxx/CVE-2014-0342.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0342", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-0342", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released", - "refsource" : "CONFIRM", - "url" : "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released" - }, - { - "name" : "http://pivotx.net/page/security", - "refsource" : "CONFIRM", - "url" : "http://pivotx.net/page/security" - }, - { - "name" : "http://sourceforge.net/p/pivot-weblog/code/4347/", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/p/pivot-weblog/code/4347/" - }, - { - "name" : "VU#901156", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/901156" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released", + "refsource": "CONFIRM", + "url": "http://blog.pivotx.net/archive/2014/03/03/pivotx-239-released" + }, + { + "name": "http://sourceforge.net/p/pivot-weblog/code/4347/", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/p/pivot-weblog/code/4347/" + }, + { + "name": "http://pivotx.net/page/security", + "refsource": "CONFIRM", + "url": "http://pivotx.net/page/security" + }, + { + "name": "VU#901156", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/901156" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0461.json b/2014/0xxx/CVE-2014-0461.json index ee43fb28adf..cf87c6eeadf 100644 --- a/2014/0xxx/CVE-2014-0461.json +++ b/2014/0xxx/CVE-2014-0461.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0461", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2014-0461", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" - }, - { - "name" : "https://www.ibm.com/support/docview.wss?uid=swg21675973", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/docview.wss?uid=swg21675973" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676746", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676746" - }, - { - "name" : "DSA-2912", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2014/dsa-2912" - }, - { - "name" : "GLSA-201406-32", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201406-32.xml" - }, - { - "name" : "GLSA-201502-12", - "refsource" : "GENTOO", - "url" : "http://security.gentoo.org/glsa/glsa-201502-12.xml" - }, - { - "name" : "HPSBUX03091", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" - }, - { - "name" : "HPSBUX03092", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2" - }, - { - "name" : "SSRT101667", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852886808946&w=2" - }, - { - "name" : "SSRT101668", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=140852974709252&w=2" - }, - { - "name" : "RHSA-2014:0675", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0675.html" - }, - { - "name" : "RHSA-2014:0685", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2014-0685.html" - }, - { - "name" : "RHSA-2014:0413", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2014:0413" - }, - { - "name" : "RHSA-2014:0414", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2014:0414" - }, - { - "name" : "USN-2191-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2191-1" - }, - { - "name" : "USN-2187-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2187-1" - }, - { - "name" : "66902", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/66902" - }, - { - "name" : "58415", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58415" - }, - { - "name" : "58974", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/58974" - }, - { - "name" : "59058", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59058" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2187-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2187-1" + }, + { + "name": "RHSA-2014:0675", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0675.html" + }, + { + "name": "https://www.ibm.com/support/docview.wss?uid=swg21675973", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/docview.wss?uid=swg21675973" + }, + { + "name": "RHSA-2014:0414", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2014:0414" + }, + { + "name": "GLSA-201406-32", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml" + }, + { + "name": "USN-2191-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2191-1" + }, + { + "name": "HPSBUX03091", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080" + }, + { + "name": "RHSA-2014:0413", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2014:0413" + }, + { + "name": "59058", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59058" + }, + { + "name": "SSRT101667", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2" + }, + { + "name": "HPSBUX03092", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2" + }, + { + "name": "RHSA-2014:0685", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2014-0685.html" + }, + { + "name": "58974", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58974" + }, + { + "name": "DSA-2912", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2014/dsa-2912" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html" + }, + { + "name": "58415", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/58415" + }, + { + "name": "SSRT101668", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746" + }, + { + "name": "GLSA-201502-12", + "refsource": "GENTOO", + "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml" + }, + { + "name": "66902", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/66902" + } + ] + } +} \ No newline at end of file diff --git a/2014/0xxx/CVE-2014-0878.json b/2014/0xxx/CVE-2014-0878.json index a47c7c573ea..23de218b85e 100644 --- a/2014/0xxx/CVE-2014-0878.json +++ b/2014/0xxx/CVE-2014-0878.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-0878", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2014-0878", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672043", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21672043" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21675343", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21675343" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21675588", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21675588" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21673836", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21673836" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676703", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676703" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676746", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676746" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21674539", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21674539" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679713", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679713" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681256", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21681256" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21677387", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21677387" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686717", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21686717" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21689593", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21689593" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683484", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21683484" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679610", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21679610" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680750", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21680750" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676672", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21676672" - }, - { - "name" : "67601", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/67601" - }, - { - "name" : "59022", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59022" - }, - { - "name" : "59058", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59058" - }, - { - "name" : "59023", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/59023" - }, - { - "name" : "61264", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/61264" - }, - { - "name" : "ibm-java-cve20140878-weak-sec(91084)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/91084" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "59022", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59022" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680750" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679610" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676672" + }, + { + "name": "59058", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59058" + }, + { + "name": "61264", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/61264" + }, + { + "name": "ibm-java-cve20140878-weak-sec(91084)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91084" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21689593" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21681256" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21674539" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686717" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21683484" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673836" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21677387", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21677387" + }, + { + "name": "59023", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/59023" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676746" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672043", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672043" + }, + { + "name": "67601", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/67601" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679713" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21675343", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21675343" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676703" + }, + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21675588", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21675588" + } + ] + } +} \ No newline at end of file diff --git a/2014/1xxx/CVE-2014-1428.json b/2014/1xxx/CVE-2014-1428.json index fcc9d60aa23..1d02c498509 100644 --- a/2014/1xxx/CVE-2014-1428.json +++ b/2014/1xxx/CVE-2014-1428.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-1428", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-1428", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5762.json b/2014/5xxx/CVE-2014-5762.json index 342863a8415..a01c81c8bbe 100644 --- a/2014/5xxx/CVE-2014-5762.json +++ b/2014/5xxx/CVE-2014-5762.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5762", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Cut the Rope: Time Travel (aka com.zeptolab.timetravel.free.google) application 1.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2014-5762", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", - "refsource" : "MISC", - "url" : "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" - }, - { - "name" : "VU#154729", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/154729" - }, - { - "name" : "VU#582497", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/582497" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Cut the Rope: Time Travel (aka com.zeptolab.timetravel.free.google) application 1.3.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#154729", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/154729" + }, + { + "name": "VU#582497", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/582497" + }, + { + "name": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing", + "refsource": "MISC", + "url": "https://docs.google.com/spreadsheets/d/1t5GXwjw82SyunALVJb2w0zi3FoLRIkfGPc7AMjRF0r4/edit?usp=sharing" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2215.json b/2015/2xxx/CVE-2015-2215.json index b64bdc3e478..45bfa313408 100644 --- a/2015/2xxx/CVE-2015-2215.json +++ b/2015/2xxx/CVE-2015-2215.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2215", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Open redirect vulnerability in the Services single sign-on server helper (services_sso_server_helper) module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2215", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.drupal.org/node/2437965", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2437965" - }, - { - "name" : "72803", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/72803" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Open redirect vulnerability in the Services single sign-on server helper (services_sso_server_helper) module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.drupal.org/node/2437965", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2437965" + }, + { + "name": "72803", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/72803" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2465.json b/2015/2xxx/CVE-2015-2465.json index f07ab4884a7..e3f940b820c 100644 --- a/2015/2xxx/CVE-2015-2465.json +++ b/2015/2xxx/CVE-2015-2465.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2465", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka \"Windows Shell Security Feature Bypass Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2465", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-080", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080" - }, - { - "name" : "1033238", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033238" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Windows shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka \"Windows Shell Security Feature Bypass Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-080", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-080" + }, + { + "name": "1033238", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033238" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2642.json b/2015/2xxx/CVE-2015-2642.json index d9b4de4eff2..3f3a82c597f 100644 --- a/2015/2xxx/CVE-2015-2642.json +++ b/2015/2xxx/CVE-2015-2642.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2642", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gzip." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2642", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" - }, - { - "name" : "1033881", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033881" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Gzip." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html" + }, + { + "name": "1033881", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033881" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2788.json b/2015/2xxx/CVE-2015-2788.json index fc08d08e5dc..51b4b1a5814 100644 --- a/2015/2xxx/CVE-2015-2788.json +++ b/2015/2xxx/CVE-2015-2788.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2788", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple stack-based buffer overflows in the ib_fill_isqlda function in dbdimp.c in DBD-Firebird before 1.19 allow remote attackers to have unspecified impact via unknown vectors that trigger an error condition, related to binding octets to columns." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2015-2788", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150330 CVE Request: DBD-Firebird: Buffer Overflow in dbdimp.c", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/03/30/4" - }, - { - "name" : "[oss-security] 20150330 Re: CVE Request: DBD-Firebird: Buffer Overflow in dbdimp.c", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/03/30/10" - }, - { - "name" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925", - "refsource" : "CONFIRM", - "url" : "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925" - }, - { - "name" : "https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes", - "refsource" : "CONFIRM", - "url" : "https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes" - }, - { - "name" : "DSA-3219", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2015/dsa-3219" - }, - { - "name" : "73409", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/73409" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple stack-based buffer overflows in the ib_fill_isqlda function in dbdimp.c in DBD-Firebird before 1.19 allow remote attackers to have unspecified impact via unknown vectors that trigger an error condition, related to binding octets to columns." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "73409", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/73409" + }, + { + "name": "DSA-3219", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2015/dsa-3219" + }, + { + "name": "[oss-security] 20150330 Re: CVE Request: DBD-Firebird: Buffer Overflow in dbdimp.c", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/03/30/10" + }, + { + "name": "[oss-security] 20150330 CVE Request: DBD-Firebird: Buffer Overflow in dbdimp.c", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/03/30/4" + }, + { + "name": "https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes", + "refsource": "CONFIRM", + "url": "https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes" + }, + { + "name": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925", + "refsource": "CONFIRM", + "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10403.json b/2016/10xxx/CVE-2016-10403.json index fe40fa90a57..af01ee02a54 100644 --- a/2016/10xxx/CVE-2016-10403.json +++ b/2016/10xxx/CVE-2016-10403.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "chrome-cve-admin@google.com", - "ID" : "CVE-2016-10403", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Chrome", - "version" : { - "version_data" : [ - { - "version_affected" : "<", - "version_value" : "51.0.2704.63" - } - ] - } - } - ] - }, - "vendor_name" : "Google" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Insufficient data validation on image data in PDFium in Google Chrome prior to 51.0.2704.63 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Insufficient data validation" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-10403", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Chrome", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "51.0.2704.63" + } + ] + } + } + ] + }, + "vendor_name": "Google" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://crbug.com/602046", - "refsource" : "MISC", - "url" : "https://crbug.com/602046" - }, - { - "name" : "https://chromereleases.googleblog.com/2016/05/stable-channel-update_25.html", - "refsource" : "CONFIRM", - "url" : "https://chromereleases.googleblog.com/2016/05/stable-channel-update_25.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Insufficient data validation on image data in PDFium in Google Chrome prior to 51.0.2704.63 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Insufficient data validation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://chromereleases.googleblog.com/2016/05/stable-channel-update_25.html", + "refsource": "CONFIRM", + "url": "https://chromereleases.googleblog.com/2016/05/stable-channel-update_25.html" + }, + { + "name": "https://crbug.com/602046", + "refsource": "MISC", + "url": "https://crbug.com/602046" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10488.json b/2016/10xxx/CVE-2016-10488.json index b855ca3d1d4..0d85bc39514 100644 --- a/2016/10xxx/CVE-2016-10488.json +++ b/2016/10xxx/CVE-2016-10488.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-10488", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-10488", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/3xxx/CVE-2016-3136.json b/2016/3xxx/CVE-2016-3136.json index 8fec5a8969f..c40d84f3c86 100644 --- a/2016/3xxx/CVE-2016-3136.json +++ b/2016/3xxx/CVE-2016-3136.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-3136", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@suse.com", + "ID": "CVE-2016-3136", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "39541", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39541/" - }, - { - "name" : "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (mct_u232 driver)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/03/14/2" - }, - { - "name" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4e9a0b05257f29cf4b75f3209243ed71614d062e", - "refsource" : "CONFIRM", - "url" : "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4e9a0b05257f29cf4b75f3209243ed71614d062e" - }, - { - "name" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1", - "refsource" : "CONFIRM", - "url" : "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1283370", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1283370" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1317007", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1317007" - }, - { - "name" : "https://github.com/torvalds/linux/commit/4e9a0b05257f29cf4b75f3209243ed71614d062e", - "refsource" : "CONFIRM", - "url" : "https://github.com/torvalds/linux/commit/4e9a0b05257f29cf4b75f3209243ed71614d062e" - }, - { - "name" : "DSA-3607", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3607" - }, - { - "name" : "SUSE-SU-2016:1690", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html" - }, - { - "name" : "SUSE-SU-2016:1696", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html" - }, - { - "name" : "SUSE-SU-2016:1764", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html" - }, - { - "name" : "openSUSE-SU-2016:1382", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html" - }, - { - "name" : "USN-2996-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2996-1" - }, - { - "name" : "USN-2997-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2997-1" - }, - { - "name" : "USN-3000-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3000-1" - }, - { - "name" : "USN-2968-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2968-1" - }, - { - "name" : "USN-2968-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2968-2" - }, - { - "name" : "USN-2970-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2970-1" - }, - { - "name" : "USN-2971-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2971-1" - }, - { - "name" : "USN-2971-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2971-2" - }, - { - "name" : "USN-2971-3", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2971-3" - }, - { - "name" : "84299", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84299" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-2971-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2971-2" + }, + { + "name": "SUSE-SU-2016:1690", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html" + }, + { + "name": "SUSE-SU-2016:1696", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html" + }, + { + "name": "USN-2970-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2970-1" + }, + { + "name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4e9a0b05257f29cf4b75f3209243ed71614d062e", + "refsource": "CONFIRM", + "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4e9a0b05257f29cf4b75f3209243ed71614d062e" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1283370", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1283370" + }, + { + "name": "USN-2968-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2968-1" + }, + { + "name": "[oss-security] 20160314 Re: CVE request -- linux kernel: crash on invalid USB device descriptors (mct_u232 driver)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/03/14/2" + }, + { + "name": "https://github.com/torvalds/linux/commit/4e9a0b05257f29cf4b75f3209243ed71614d062e", + "refsource": "CONFIRM", + "url": "https://github.com/torvalds/linux/commit/4e9a0b05257f29cf4b75f3209243ed71614d062e" + }, + { + "name": "USN-2971-3", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2971-3" + }, + { + "name": "USN-2997-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2997-1" + }, + { + "name": "SUSE-SU-2016:1764", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00005.html" + }, + { + "name": "USN-3000-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3000-1" + }, + { + "name": "DSA-3607", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3607" + }, + { + "name": "39541", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39541/" + }, + { + "name": "USN-2971-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2971-1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1317007", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1317007" + }, + { + "name": "USN-2996-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2996-1" + }, + { + "name": "USN-2968-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2968-2" + }, + { + "name": "openSUSE-SU-2016:1382", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00060.html" + }, + { + "name": "84299", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84299" + }, + { + "name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1", + "refsource": "CONFIRM", + "url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4213.json b/2016/4xxx/CVE-2016-4213.json index d29f53fac53..22fd9bbffdf 100644 --- a/2016/4xxx/CVE-2016-4213.json +++ b/2016/4xxx/CVE-2016-4213.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4213", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4213", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" - }, - { - "name" : "91716", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91716" - }, - { - "name" : "1036281", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4208, CVE-2016-4211, CVE-2016-4212, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91716", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91716" + }, + { + "name": "1036281", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036281" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4746.json b/2016/4xxx/CVE-2016-4746.json index 8b4fc56f50f..1ac4d4d8e88 100644 --- a/2016/4xxx/CVE-2016-4746.json +++ b/2016/4xxx/CVE-2016-4746.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4746", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4746", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT207143", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT207143" - }, - { - "name" : "APPLE-SA-2016-09-13-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-09-20-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" - }, - { - "name" : "92932", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92932" - }, - { - "name" : "1036797", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036797" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Keyboards component in Apple iOS before 10 does not properly use a cache for auto-correct suggestions, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging an unintended correction." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2016-09-20-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html" + }, + { + "name": "1036797", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036797" + }, + { + "name": "APPLE-SA-2016-09-13-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00002.html" + }, + { + "name": "92932", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92932" + }, + { + "name": "https://support.apple.com/HT207143", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT207143" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4812.json b/2016/4xxx/CVE-2016-4812.json index e890be9ee5c..1302e07be51 100644 --- a/2016/4xxx/CVE-2016-4812.json +++ b/2016/4xxx/CVE-2016-4812.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4812", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Markdown on Save Improved plugin before 2.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-4812", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://srd.wordpress.org/plugins/markdown-on-save-improved/changelog/", - "refsource" : "CONFIRM", - "url" : "https://srd.wordpress.org/plugins/markdown-on-save-improved/changelog/" - }, - { - "name" : "JVN#26026353", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN26026353/index.html" - }, - { - "name" : "JVNDB-2016-000071", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000071" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Markdown on Save Improved plugin before 2.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVN#26026353", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN26026353/index.html" + }, + { + "name": "JVNDB-2016-000071", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000071" + }, + { + "name": "https://srd.wordpress.org/plugins/markdown-on-save-improved/changelog/", + "refsource": "CONFIRM", + "url": "https://srd.wordpress.org/plugins/markdown-on-save-improved/changelog/" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8530.json b/2016/8xxx/CVE-2016-8530.json index 0bf8ea78281..3ac0ec04234 100644 --- a/2016/8xxx/CVE-2016-8530.json +++ b/2016/8xxx/CVE-2016-8530.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "security-alert@hpe.com", - "DATE_PUBLIC" : "2017-01-30T00:00:00", - "ID" : "CVE-2016-8530", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "iMC PLAT", - "version" : { - "version_data" : [ - { - "version_value" : "v7.2 E0403P06 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Hewlett Packard Enterprise" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "remote denial of service" - } + "CVE_data_meta": { + "ASSIGNER": "security-alert@hpe.com", + "DATE_PUBLIC": "2017-01-30T00:00:00", + "ID": "CVE-2016-8530", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "iMC PLAT", + "version": { + "version_data": [ + { + "version_value": "v7.2 E0403P06 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Hewlett Packard Enterprise" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.tenable.com/security/research/tra-2017-09", - "refsource" : "MISC", - "url" : "https://www.tenable.com/security/research/tra-2017-09" - }, - { - "name" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382418", - "refsource" : "CONFIRM", - "url" : "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382418" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A remote denial of service vulnerability in HPE iMC PLAT version v7.2 E0403P06 and earlier was found. The problem was resolved in iMC PLAT 7.3 E0504 or subsequent version." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "remote denial of service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.tenable.com/security/research/tra-2017-09", + "refsource": "MISC", + "url": "https://www.tenable.com/security/research/tra-2017-09" + }, + { + "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382418", + "refsource": "CONFIRM", + "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382418" + } + ] + } +} \ No newline at end of file diff --git a/2016/8xxx/CVE-2016-8966.json b/2016/8xxx/CVE-2016-8966.json index 4a4a2febc6c..530576fab3c 100644 --- a/2016/8xxx/CVE-2016-8966.json +++ b/2016/8xxx/CVE-2016-8966.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-8966", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "BigFix Inventory", - "version" : { - "version_data" : [ - { - "version_value" : "9.2" - } - ] - } - } - ] - }, - "vendor_name" : "IBM Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-8966", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "BigFix Inventory", + "version": { + "version_data": [ + { + "version_value": "9.2" + } + ] + } + } + ] + }, + "vendor_name": "IBM Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg21995023", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg21995023" - }, - { - "name" : "95138", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95138" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM BigFix Inventory v9 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg21995023", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg21995023" + }, + { + "name": "95138", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95138" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9482.json b/2016/9xxx/CVE-2016-9482.json index d959c25ea0e..79c19389ff7 100644 --- a/2016/9xxx/CVE-2016-9482.json +++ b/2016/9xxx/CVE-2016-9482.json @@ -1,85 +1,85 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-9482", - "STATE" : "PUBLIC", - "TITLE" : "PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to authentication bypass" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Generator", - "version" : { - "version_data" : [ - { - "affected" : "<", - "version_name" : "2016-12-06", - "version_value" : "2016-12-06" - } - ] - } - } - ] - }, - "vendor_name" : "PHP FormMail" - } - ] - } - }, - "credit" : [ - { - "lang" : "eng", - "value" : "Thanks to Pouya Darabi for reporting this vulnerability." - } - ], - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Code generated by PHP FormMail Generator may allow a remote unauthenticated user to bypass authentication in the to access the administrator panel by navigating directly to /admin.php?mod=admin&func=panel" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-302" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-9482", + "STATE": "PUBLIC", + "TITLE": "PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to authentication bypass" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Generator", + "version": { + "version_data": [ + { + "affected": "<", + "version_name": "2016-12-06", + "version_value": "2016-12-06" + } + ] + } + } + ] + }, + "vendor_name": "PHP FormMail" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "VU#494015", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/494015" - }, - { - "name" : "94778", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94778" - } - ] - }, - "solution" : [ - { - "lang" : "eng", - "value" : "The PHP FormMail Generator website as of 2016-12-06 generates PHP code that addresses these issues. Affected users are encouraged to regenerate the PHP form code using the website, or manually apply patches." - } - ], - "source" : { - "discovery" : "UNKNOWN" - } -} + } + }, + "credit": [ + { + "lang": "eng", + "value": "Thanks to Pouya Darabi for reporting this vulnerability." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Code generated by PHP FormMail Generator may allow a remote unauthenticated user to bypass authentication in the to access the administrator panel by navigating directly to /admin.php?mod=admin&func=panel" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-302" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "VU#494015", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/494015" + }, + { + "name": "94778", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94778" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The PHP FormMail Generator website as of 2016-12-06 generates PHP code that addresses these issues. Affected users are encouraged to regenerate the PHP form code using the website, or manually apply patches." + } + ], + "source": { + "discovery": "UNKNOWN" + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9847.json b/2016/9xxx/CVE-2016-9847.json index 81264605d3b..98f0ddef3e0 100644 --- a/2016/9xxx/CVE-2016-9847.json +++ b/2016/9xxx/CVE-2016-9847.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9847", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's blowfish_secret and potentially decrypt their cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9847", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.phpmyadmin.net/security/PMASA-2016-58", - "refsource" : "CONFIRM", - "url" : "https://www.phpmyadmin.net/security/PMASA-2016-58" - }, - { - "name" : "GLSA-201701-32", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-32" - }, - { - "name" : "94524", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94524" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in phpMyAdmin. When the user does not specify a blowfish_secret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created uses a weak algorithm. This could allow an attacker to determine the user's blowfish_secret and potentially decrypt their cookies. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.phpmyadmin.net/security/PMASA-2016-58", + "refsource": "CONFIRM", + "url": "https://www.phpmyadmin.net/security/PMASA-2016-58" + }, + { + "name": "94524", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94524" + }, + { + "name": "GLSA-201701-32", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-32" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9862.json b/2016/9xxx/CVE-2016-9862.json index e722eaff2fd..a6fc41b749a 100644 --- a/2016/9xxx/CVE-2016-9862.json +++ b/2016/9xxx/CVE-2016-9862.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9862", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions (prior to 4.6.5) are affected." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9862", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.phpmyadmin.net/security/PMASA-2016-67", - "refsource" : "CONFIRM", - "url" : "https://www.phpmyadmin.net/security/PMASA-2016-67" - }, - { - "name" : "GLSA-201701-32", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-32" - }, - { - "name" : "94528", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94528" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in phpMyAdmin. With a crafted login request it is possible to inject BBCode in the login page. All 4.6.x versions (prior to 4.6.5) are affected." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "94528", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94528" + }, + { + "name": "https://www.phpmyadmin.net/security/PMASA-2016-67", + "refsource": "CONFIRM", + "url": "https://www.phpmyadmin.net/security/PMASA-2016-67" + }, + { + "name": "GLSA-201701-32", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-32" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2054.json b/2019/2xxx/CVE-2019-2054.json index 36be60adcfc..bfca3a4094a 100644 --- a/2019/2xxx/CVE-2019-2054.json +++ b/2019/2xxx/CVE-2019-2054.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2054", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2054", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2651.json b/2019/2xxx/CVE-2019-2651.json index c84f60e4456..b38521a3e6d 100644 --- a/2019/2xxx/CVE-2019-2651.json +++ b/2019/2xxx/CVE-2019-2651.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2651", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2651", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2822.json b/2019/2xxx/CVE-2019-2822.json index 5fe43e023d0..400086b1009 100644 --- a/2019/2xxx/CVE-2019-2822.json +++ b/2019/2xxx/CVE-2019-2822.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2822", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2822", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6108.json b/2019/6xxx/CVE-2019-6108.json index f3441741f4e..f318801dcca 100644 --- a/2019/6xxx/CVE-2019-6108.json +++ b/2019/6xxx/CVE-2019-6108.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6108", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6108", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6127.json b/2019/6xxx/CVE-2019-6127.json index 3fdf8f59f68..bbf687f8307 100644 --- a/2019/6xxx/CVE-2019-6127.json +++ b/2019/6xxx/CVE-2019-6127.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6127", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via \"INTO OUTFILE\" with a .php filename." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6127", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/Eas3n/Vulnerabilities/blob/master/XiaoCMS_20141229_GETSHELL.md", - "refsource" : "MISC", - "url" : "https://github.com/Eas3n/Vulnerabilities/blob/master/XiaoCMS_20141229_GETSHELL.md" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via \"INTO OUTFILE\" with a .php filename." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/Eas3n/Vulnerabilities/blob/master/XiaoCMS_20141229_GETSHELL.md", + "refsource": "MISC", + "url": "https://github.com/Eas3n/Vulnerabilities/blob/master/XiaoCMS_20141229_GETSHELL.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6377.json b/2019/6xxx/CVE-2019-6377.json index a82c5c3cd36..047946ac4bb 100644 --- a/2019/6xxx/CVE-2019-6377.json +++ b/2019/6xxx/CVE-2019-6377.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6377", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6377", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6534.json b/2019/6xxx/CVE-2019-6534.json index 3a924c46d7b..78ce5e4450d 100644 --- a/2019/6xxx/CVE-2019-6534.json +++ b/2019/6xxx/CVE-2019-6534.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6534", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6534", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6544.json b/2019/6xxx/CVE-2019-6544.json index e55c7016406..513c98ec2bf 100644 --- a/2019/6xxx/CVE-2019-6544.json +++ b/2019/6xxx/CVE-2019-6544.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6544", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6544", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7492.json b/2019/7xxx/CVE-2019-7492.json index 3dfae89bb35..978555a32c8 100644 --- a/2019/7xxx/CVE-2019-7492.json +++ b/2019/7xxx/CVE-2019-7492.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7492", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7492", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7605.json b/2019/7xxx/CVE-2019-7605.json index ee983dd48a2..2313cf19230 100644 --- a/2019/7xxx/CVE-2019-7605.json +++ b/2019/7xxx/CVE-2019-7605.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7605", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7605", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7749.json b/2019/7xxx/CVE-2019-7749.json index 739786c9bb0..79e7bb20ae8 100644 --- a/2019/7xxx/CVE-2019-7749.json +++ b/2019/7xxx/CVE-2019-7749.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7749", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7749", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file