From f7f0ad01cceea79440c07473a2ae2c0fc5663f56 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 03:37:44 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0430.json | 190 ++++++++--------- 2007/0xxx/CVE-2007-0458.json | 320 ++++++++++++++--------------- 2007/0xxx/CVE-2007-0542.json | 140 ++++++------- 2007/0xxx/CVE-2007-0590.json | 130 ++++++------ 2007/0xxx/CVE-2007-0620.json | 180 ++++++++-------- 2007/3xxx/CVE-2007-3244.json | 180 ++++++++-------- 2007/3xxx/CVE-2007-3516.json | 150 +++++++------- 2007/4xxx/CVE-2007-4262.json | 180 ++++++++-------- 2007/4xxx/CVE-2007-4547.json | 150 +++++++------- 2007/4xxx/CVE-2007-4935.json | 270 ++++++++++++------------ 2014/5xxx/CVE-2014-5497.json | 34 +-- 2015/2xxx/CVE-2015-2542.json | 150 +++++++------- 2015/2xxx/CVE-2015-2587.json | 140 ++++++------- 2015/6xxx/CVE-2015-6017.json | 140 ++++++------- 2015/6xxx/CVE-2015-6669.json | 34 +-- 2015/6xxx/CVE-2015-6811.json | 130 ++++++------ 2015/6xxx/CVE-2015-6984.json | 130 ++++++------ 2015/7xxx/CVE-2015-7240.json | 34 +-- 2015/7xxx/CVE-2015-7343.json | 34 +-- 2016/0xxx/CVE-2016-0287.json | 150 +++++++------- 2016/0xxx/CVE-2016-0358.json | 166 +++++++-------- 2016/0xxx/CVE-2016-0463.json | 130 ++++++------ 2016/0xxx/CVE-2016-0504.json | 180 ++++++++-------- 2016/1000xxx/CVE-2016-1000103.json | 34 +-- 2016/10xxx/CVE-2016-10393.json | 130 ++++++------ 2016/10xxx/CVE-2016-10456.json | 132 ++++++------ 2016/4xxx/CVE-2016-4208.json | 150 +++++++------- 2016/4xxx/CVE-2016-4306.json | 140 ++++++------- 2016/4xxx/CVE-2016-4327.json | 140 ++++++------- 2016/4xxx/CVE-2016-4415.json | 140 ++++++------- 2016/4xxx/CVE-2016-4601.json | 150 +++++++------- 2016/9xxx/CVE-2016-9583.json | 216 +++++++++---------- 2016/9xxx/CVE-2016-9609.json | 34 +-- 2016/9xxx/CVE-2016-9680.json | 140 ++++++------- 2019/2xxx/CVE-2019-2131.json | 34 +-- 2019/2xxx/CVE-2019-2599.json | 34 +-- 2019/2xxx/CVE-2019-2699.json | 34 +-- 2019/3xxx/CVE-2019-3018.json | 34 +-- 2019/3xxx/CVE-2019-3165.json | 34 +-- 2019/3xxx/CVE-2019-3625.json | 34 +-- 2019/3xxx/CVE-2019-3929.json | 34 +-- 2019/6xxx/CVE-2019-6147.json | 34 +-- 2019/6xxx/CVE-2019-6547.json | 132 ++++++------ 2019/6xxx/CVE-2019-6621.json | 34 +-- 2019/6xxx/CVE-2019-6878.json | 34 +-- 2019/6xxx/CVE-2019-6915.json | 34 +-- 2019/7xxx/CVE-2019-7913.json | 34 +-- 2019/8xxx/CVE-2019-8070.json | 34 +-- 2019/8xxx/CVE-2019-8388.json | 34 +-- 2019/8xxx/CVE-2019-8658.json | 34 +-- 2019/9xxx/CVE-2019-9185.json | 140 ++++++------- 2019/9xxx/CVE-2019-9567.json | 150 +++++++------- 52 files changed, 2840 insertions(+), 2840 deletions(-) diff --git a/2007/0xxx/CVE-2007-0430.json b/2007/0xxx/CVE-2007-0430.json index a79756173c2..d5a73f2251a 100644 --- a/2007/0xxx/CVE-2007-0430.json +++ b/2007/0xxx/CVE-2007-0430.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0430", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0430", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070119 [RISE-2007001] Apple Mac OS X 10.4.x kernel shared_region_map_file_np() memory corruption vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457466/100/0/threaded" - }, - { - "name" : "http://risesecurity.org/advisory.php?id=RISE-2007001.txt", - "refsource" : "MISC", - "url" : "http://risesecurity.org/advisory.php?id=RISE-2007001.txt" - }, - { - "name" : "ADV-2007-0275", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0275" - }, - { - "name" : "32942", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/32942" - }, - { - "name" : "1017538", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017538" - }, - { - "name" : "23823", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23823" - }, - { - "name" : "2178", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2178" - }, - { - "name" : "macos-sharedregionmapfilenp-dos(31645)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31645" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The shared_region_map_file_np function in Apple Mac OS X 10.4.8 and earlier kernel allows local users to cause a denial of service (memory corruption) via a large mappingCount value." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23823", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23823" + }, + { + "name": "2178", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2178" + }, + { + "name": "1017538", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017538" + }, + { + "name": "macos-sharedregionmapfilenp-dos(31645)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31645" + }, + { + "name": "20070119 [RISE-2007001] Apple Mac OS X 10.4.x kernel shared_region_map_file_np() memory corruption vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457466/100/0/threaded" + }, + { + "name": "http://risesecurity.org/advisory.php?id=RISE-2007001.txt", + "refsource": "MISC", + "url": "http://risesecurity.org/advisory.php?id=RISE-2007001.txt" + }, + { + "name": "ADV-2007-0275", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0275" + }, + { + "name": "32942", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/32942" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0458.json b/2007/0xxx/CVE-2007-0458.json index 41d19160127..c994bb848e7 100644 --- a/2007/0xxx/CVE-2007-0458.json +++ b/2007/0xxx/CVE-2007-0458.json @@ -1,162 +1,162 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0458", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-0458", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2007-01.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2007-01.html" - }, - { - "name" : "https://issues.rpath.com/browse/RPL-985", - "refsource" : "CONFIRM", - "url" : "https://issues.rpath.com/browse/RPL-985" - }, - { - "name" : "http://support.avaya.com/elmodocs2/security/ASA-2007-166.htm", - "refsource" : "CONFIRM", - "url" : "http://support.avaya.com/elmodocs2/security/ASA-2007-166.htm" - }, - { - "name" : "FEDORA-2007-207", - "refsource" : "FEDORA", - "url" : "http://fedoranews.org/cms/node/2565" - }, - { - "name" : "MDKSA-2007:033", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:033" - }, - { - "name" : "RHSA-2007:0066", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0066.html" - }, - { - "name" : "20070301-01-P", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" - }, - { - "name" : "22352", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22352" - }, - { - "name" : "oval:org.mitre.oval:def:10966", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10966" - }, - { - "name" : "oval:org.mitre.oval:def:14836", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14836" - }, - { - "name" : "ADV-2007-0443", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0443" - }, - { - "name" : "33075", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33075" - }, - { - "name" : "1017581", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1017581" - }, - { - "name" : "24016", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24016" - }, - { - "name" : "24011", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24011" - }, - { - "name" : "24025", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24025" - }, - { - "name" : "24084", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24084" - }, - { - "name" : "24515", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24515" - }, - { - "name" : "24650", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24650" - }, - { - "name" : "24970", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24970" - }, - { - "name" : "wireshark-httpdissector-dos(32054)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32054" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2007-207", + "refsource": "FEDORA", + "url": "http://fedoranews.org/cms/node/2565" + }, + { + "name": "24970", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24970" + }, + { + "name": "wireshark-httpdissector-dos(32054)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32054" + }, + { + "name": "24016", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24016" + }, + { + "name": "ADV-2007-0443", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0443" + }, + { + "name": "1017581", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1017581" + }, + { + "name": "24084", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24084" + }, + { + "name": "oval:org.mitre.oval:def:14836", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14836" + }, + { + "name": "oval:org.mitre.oval:def:10966", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10966" + }, + { + "name": "MDKSA-2007:033", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:033" + }, + { + "name": "http://support.avaya.com/elmodocs2/security/ASA-2007-166.htm", + "refsource": "CONFIRM", + "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-166.htm" + }, + { + "name": "https://issues.rpath.com/browse/RPL-985", + "refsource": "CONFIRM", + "url": "https://issues.rpath.com/browse/RPL-985" + }, + { + "name": "24650", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24650" + }, + { + "name": "RHSA-2007:0066", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0066.html" + }, + { + "name": "24025", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24025" + }, + { + "name": "24515", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24515" + }, + { + "name": "24011", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24011" + }, + { + "name": "22352", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22352" + }, + { + "name": "33075", + "refsource": "OSVDB", + "url": "http://osvdb.org/33075" + }, + { + "name": "20070301-01-P", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/20070301-01-P.asc" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2007-01.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2007-01.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0542.json b/2007/0xxx/CVE-2007-0542.json index dde7e6836b3..979b20c34f4 100644 --- a/2007/0xxx/CVE-2007-0542.json +++ b/2007/0xxx/CVE-2007-0542.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0542", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in show.php in 212cafe Guestbook 4.00 beta allows remote attackers to inject arbitrary web script or HTML via the user parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0542", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070121 XSS in Guestbook ( v.4.00 beta )", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/457660/100/0/threaded" - }, - { - "name" : "2190", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2190" - }, - { - "name" : "guestbook-show-xss(31663)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31663" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in show.php in 212cafe Guestbook 4.00 beta allows remote attackers to inject arbitrary web script or HTML via the user parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070121 XSS in Guestbook ( v.4.00 beta )", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/457660/100/0/threaded" + }, + { + "name": "guestbook-show-xss(31663)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31663" + }, + { + "name": "2190", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2190" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0590.json b/2007/0xxx/CVE-2007-0590.json index 793fab8083e..85e28a70c42 100644 --- a/2007/0xxx/CVE-2007-0590.json +++ b/2007/0xxx/CVE-2007-0590.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0590", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in busca2.asp in Forum Livre 1.0 remote attackers to inject arbitrary web script or HTML via the palavra parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0590", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3197", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3197" - }, - { - "name" : "36645", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36645" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in busca2.asp in Forum Livre 1.0 remote attackers to inject arbitrary web script or HTML via the palavra parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3197", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3197" + }, + { + "name": "36645", + "refsource": "OSVDB", + "url": "http://osvdb.org/36645" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0620.json b/2007/0xxx/CVE-2007-0620.json index 9f29668ca67..9975dc7da2b 100644 --- a/2007/0xxx/CVE-2007-0620.json +++ b/2007/0xxx/CVE-2007-0620.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0620", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0620", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070126 FdScript <= v1.3.2 Remote File Disclosure Vulnerability", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/458231/100/0/threaded" - }, - { - "name" : "22265", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22265" - }, - { - "name" : "ADV-2007-0383", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0383" - }, - { - "name" : "33001", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33001" - }, - { - "name" : "23947", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23947" - }, - { - "name" : "2197", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2197" - }, - { - "name" : "fdscript-download-file-disclosure(31915)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31915" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "download.php in FD Script 1.3.2 and earlier allows remote attackers to read source of files under the web document root with certain extensions, including .php, via a relative pathname in the fname parameter, as demonstrated by downloading config.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23947", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23947" + }, + { + "name": "20070126 FdScript <= v1.3.2 Remote File Disclosure Vulnerability", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/458231/100/0/threaded" + }, + { + "name": "33001", + "refsource": "OSVDB", + "url": "http://osvdb.org/33001" + }, + { + "name": "2197", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2197" + }, + { + "name": "ADV-2007-0383", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0383" + }, + { + "name": "22265", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22265" + }, + { + "name": "fdscript-download-file-disclosure(31915)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31915" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3244.json b/2007/3xxx/CVE-2007-3244.json index 1a6f7d39bcb..215202f75d1 100644 --- a/2007/3xxx/CVE-2007-3244.json +++ b/2007/3xxx/CVE-2007-3244.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3244", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress before 0.8.1 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, as demonstrated by a PRE element, aka the \"quircky slashes bug.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3244", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bbpress.org/blog/2007/02/bbpress-081/", - "refsource" : "CONFIRM", - "url" : "http://bbpress.org/blog/2007/02/bbpress-081/" - }, - { - "name" : "http://trac.bbpress.org/changeset/717", - "refsource" : "CONFIRM", - "url" : "http://trac.bbpress.org/changeset/717" - }, - { - "name" : "http://trac.bbpress.org/ticket/592", - "refsource" : "CONFIRM", - "url" : "http://trac.bbpress.org/ticket/592" - }, - { - "name" : "24488", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24488" - }, - { - "name" : "ADV-2007-2219", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2219" - }, - { - "name" : "36606", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/36606" - }, - { - "name" : "25696", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25696" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in bb-includes/formatting-functions.php in bbPress before 0.8.1 might allow remote attackers to execute arbitrary SQL commands via unspecified vectors to forums/bb-edit.php, as demonstrated by a PRE element, aka the \"quircky slashes bug.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://trac.bbpress.org/changeset/717", + "refsource": "CONFIRM", + "url": "http://trac.bbpress.org/changeset/717" + }, + { + "name": "ADV-2007-2219", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2219" + }, + { + "name": "http://bbpress.org/blog/2007/02/bbpress-081/", + "refsource": "CONFIRM", + "url": "http://bbpress.org/blog/2007/02/bbpress-081/" + }, + { + "name": "36606", + "refsource": "OSVDB", + "url": "http://osvdb.org/36606" + }, + { + "name": "25696", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25696" + }, + { + "name": "24488", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24488" + }, + { + "name": "http://trac.bbpress.org/ticket/592", + "refsource": "CONFIRM", + "url": "http://trac.bbpress.org/ticket/592" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3516.json b/2007/3xxx/CVE-2007-3516.json index 09ecfbf457e..1040c5ef3e4 100644 --- a/2007/3xxx/CVE-2007-3516.json +++ b/2007/3xxx/CVE-2007-3516.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3516", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in kayit.asp in Gorki Online Santrac Sitesi allow remote attackers to inject arbitrary web script or HTML via the (1) kullanici, (2) posta, or (3) takim_adi parameter to uyeler.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3516", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "24735", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24735" - }, - { - "name" : "37530", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37530" - }, - { - "name" : "25908", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25908" - }, - { - "name" : "gorkionline-kayit-xss(35224)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35224" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in kayit.asp in Gorki Online Santrac Sitesi allow remote attackers to inject arbitrary web script or HTML via the (1) kullanici, (2) posta, or (3) takim_adi parameter to uyeler.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24735", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24735" + }, + { + "name": "37530", + "refsource": "OSVDB", + "url": "http://osvdb.org/37530" + }, + { + "name": "gorkionline-kayit-xss(35224)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35224" + }, + { + "name": "25908", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25908" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4262.json b/2007/4xxx/CVE-2007-4262.json index eef02b53a8a..9fee77e9553 100644 --- a/2007/4xxx/CVE-2007-4262.json +++ b/2007/4xxx/CVE-2007-4262.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4262", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4262", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070806 EZPhotoSales 1.9.3 Multiple Vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/475678/100/0/threaded" - }, - { - "name" : "http://www.airscanner.com/security/07080601_ezphotosales.htm", - "refsource" : "MISC", - "url" : "http://www.airscanner.com/security/07080601_ezphotosales.htm" - }, - { - "name" : "http://www.informit.com/guides/content.asp?g=security&seqNum=267", - "refsource" : "MISC", - "url" : "http://www.informit.com/guides/content.asp?g=security&seqNum=267" - }, - { - "name" : "http://www.informit.com/guides/content.asp?g=security&seqNum=268", - "refsource" : "MISC", - "url" : "http://www.informit.com/guides/content.asp?g=security&seqNum=268" - }, - { - "name" : "25323", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25323" - }, - { - "name" : "26341", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26341" - }, - { - "name" : "2985", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2985" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.informit.com/guides/content.asp?g=security&seqNum=267", + "refsource": "MISC", + "url": "http://www.informit.com/guides/content.asp?g=security&seqNum=267" + }, + { + "name": "25323", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25323" + }, + { + "name": "26341", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26341" + }, + { + "name": "http://www.informit.com/guides/content.asp?g=security&seqNum=268", + "refsource": "MISC", + "url": "http://www.informit.com/guides/content.asp?g=security&seqNum=268" + }, + { + "name": "2985", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2985" + }, + { + "name": "20070806 EZPhotoSales 1.9.3 Multiple Vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/475678/100/0/threaded" + }, + { + "name": "http://www.airscanner.com/security/07080601_ezphotosales.htm", + "refsource": "MISC", + "url": "http://www.airscanner.com/security/07080601_ezphotosales.htm" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4547.json b/2007/4xxx/CVE-2007-4547.json index fcb9ce3ec4c..d92864e4a99 100644 --- a/2007/4xxx/CVE-2007-4547.json +++ b/2007/4xxx/CVE-2007-4547.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4547", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unreal Commander 0.92 build 565 and 573 writes portions of heap memory into local files when extracting from an archive with malformed size information in a file header, which might allow user-assisted attackers to obtain sensitive information (memory contents) by reading the extracted files. NOTE: this issue is only a vulnerability if Unreal is run with privileges, or if the extracted files are made accessible to other users." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4547", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070823 X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/477432/100/0/threaded" - }, - { - "name" : "25419", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25419" - }, - { - "name" : "45832", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45832" - }, - { - "name" : "3060", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3060" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unreal Commander 0.92 build 565 and 573 writes portions of heap memory into local files when extracting from an archive with malformed size information in a file header, which might allow user-assisted attackers to obtain sensitive information (memory contents) by reading the extracted files. NOTE: this issue is only a vulnerability if Unreal is run with privileges, or if the extracted files are made accessible to other users." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3060", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3060" + }, + { + "name": "20070823 X-Diesel Unreal Commander v0.92 (build 573) multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/477432/100/0/threaded" + }, + { + "name": "25419", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25419" + }, + { + "name": "45832", + "refsource": "OSVDB", + "url": "http://osvdb.org/45832" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4935.json b/2007/4xxx/CVE-2007-4935.json index 6e40391230e..6eef80773b8 100644 --- a/2007/4xxx/CVE-2007-4935.json +++ b/2007/4xxx/CVE-2007-4935.json @@ -1,137 +1,137 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4935", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFL_FILE_ROOT parameter to (1) admin.php, (2) custom_pages.php, (3) draft.php, (4) faq.php, (5) leagues.php, (6) livedraft.php, (7) login.php, (8) my_team.php, (9) profile.php, (10) signup.php, (11) statistics.php, (12) transactions.php, (13) program_files/admin/custom_pages.php, or (14) program_files/common.php. NOTE: the program_files/livedraft/admin.php and program_files/livedraft/livedraft.php vectors are covered by CVE-2007-4934." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4935", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://arfis.wordpress.com/2007/09/14/rfi-02-phpffl-fantasy-football-league-manager/", - "refsource" : "MISC", - "url" : "http://arfis.wordpress.com/2007/09/14/rfi-02-phpffl-fantasy-football-league-manager/" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=539716&group_id=137531", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=539716&group_id=137531" - }, - { - "name" : "http://sourceforge.net/forum/forum.php?forum_id=735906", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/forum/forum.php?forum_id=735906" - }, - { - "name" : "ADV-2007-3176", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3176" - }, - { - "name" : "39650", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39650" - }, - { - "name" : "39651", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39651" - }, - { - "name" : "39652", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39652" - }, - { - "name" : "39653", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39653" - }, - { - "name" : "39654", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39654" - }, - { - "name" : "39655", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39655" - }, - { - "name" : "39656", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39656" - }, - { - "name" : "39657", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39657" - }, - { - "name" : "39658", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39658" - }, - { - "name" : "39659", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39659" - }, - { - "name" : "39660", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39660" - }, - { - "name" : "26812", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26812" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFL_FILE_ROOT parameter to (1) admin.php, (2) custom_pages.php, (3) draft.php, (4) faq.php, (5) leagues.php, (6) livedraft.php, (7) login.php, (8) my_team.php, (9) profile.php, (10) signup.php, (11) statistics.php, (12) transactions.php, (13) program_files/admin/custom_pages.php, or (14) program_files/common.php. NOTE: the program_files/livedraft/admin.php and program_files/livedraft/livedraft.php vectors are covered by CVE-2007-4934." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39655", + "refsource": "OSVDB", + "url": "http://osvdb.org/39655" + }, + { + "name": "39656", + "refsource": "OSVDB", + "url": "http://osvdb.org/39656" + }, + { + "name": "39652", + "refsource": "OSVDB", + "url": "http://osvdb.org/39652" + }, + { + "name": "http://arfis.wordpress.com/2007/09/14/rfi-02-phpffl-fantasy-football-league-manager/", + "refsource": "MISC", + "url": "http://arfis.wordpress.com/2007/09/14/rfi-02-phpffl-fantasy-football-league-manager/" + }, + { + "name": "39657", + "refsource": "OSVDB", + "url": "http://osvdb.org/39657" + }, + { + "name": "ADV-2007-3176", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3176" + }, + { + "name": "39658", + "refsource": "OSVDB", + "url": "http://osvdb.org/39658" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=539716&group_id=137531", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=539716&group_id=137531" + }, + { + "name": "39660", + "refsource": "OSVDB", + "url": "http://osvdb.org/39660" + }, + { + "name": "http://sourceforge.net/forum/forum.php?forum_id=735906", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/forum/forum.php?forum_id=735906" + }, + { + "name": "39659", + "refsource": "OSVDB", + "url": "http://osvdb.org/39659" + }, + { + "name": "39654", + "refsource": "OSVDB", + "url": "http://osvdb.org/39654" + }, + { + "name": "26812", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26812" + }, + { + "name": "39653", + "refsource": "OSVDB", + "url": "http://osvdb.org/39653" + }, + { + "name": "39651", + "refsource": "OSVDB", + "url": "http://osvdb.org/39651" + }, + { + "name": "39650", + "refsource": "OSVDB", + "url": "http://osvdb.org/39650" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5497.json b/2014/5xxx/CVE-2014-5497.json index f821f777cf6..3f3067c6450 100644 --- a/2014/5xxx/CVE-2014-5497.json +++ b/2014/5xxx/CVE-2014-5497.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5497", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5497", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2542.json b/2015/2xxx/CVE-2015-2542.json index 14130697c99..a25621ccf9c 100644 --- a/2015/2xxx/CVE-2015-2542.json +++ b/2015/2xxx/CVE-2015-2542.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2542", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2542", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS15-094", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" - }, - { - "name" : "MS15-095", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-095" - }, - { - "name" : "76571", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/76571" - }, - { - "name" : "1033487", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033487" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "76571", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/76571" + }, + { + "name": "MS15-094", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-094" + }, + { + "name": "MS15-095", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-095" + }, + { + "name": "1033487", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033487" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2587.json b/2015/2xxx/CVE-2015-2587.json index 33f339b2173..a96e35e7ab8 100644 --- a/2015/2xxx/CVE-2015-2587.json +++ b/2015/2xxx/CVE-2015-2587.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2587", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote attackers to affect integrity via vectors related to SWSE Server Infrastructure." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2587", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "75876", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75876" - }, - { - "name" : "1032916", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032916" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, and 15.0 allows remote attackers to affect integrity via vectors related to SWSE Server Infrastructure." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "75876", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75876" + }, + { + "name": "1032916", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032916" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6017.json b/2015/6xxx/CVE-2015-6017.json index 39599a21313..45c1c90dae5 100644 --- a/2015/6xxx/CVE-2015-6017.json +++ b/2015/6xxx/CVE-2015-6017.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6017", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in Forms/rpAuth_1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0) allow remote attackers to inject arbitrary web script or HTML via the (1) LoginPassword or (2) hiddenPassword parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-6017", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R", - "refsource" : "CONFIRM", - "url" : "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R" - }, - { - "name" : "VU#870744", - "refsource" : "CERT-VN", - "url" : "https://www.kb.cert.org/vuls/id/870744" - }, - { - "name" : "1034552", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034552" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple cross-site scripting (XSS) vulnerabilities in Forms/rpAuth_1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0) allow remote attackers to inject arbitrary web script or HTML via the (1) LoginPassword or (2) hiddenPassword parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1034552", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034552" + }, + { + "name": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R", + "refsource": "CONFIRM", + "url": "https://www.kb.cert.org/vuls/id/BLUU-9ZQU2R" + }, + { + "name": "VU#870744", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/870744" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6669.json b/2015/6xxx/CVE-2015-6669.json index b19ab28dcd3..ab25f841431 100644 --- a/2015/6xxx/CVE-2015-6669.json +++ b/2015/6xxx/CVE-2015-6669.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6669", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6669", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6811.json b/2015/6xxx/CVE-2015-6811.json index b39a572448f..dd651cbd90b 100644 --- a/2015/6xxx/CVE-2015-6811.json +++ b/2015/6xxx/CVE-2015-6811.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6811", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.xml." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6811", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "38034", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/38034/" - }, - { - "name" : "http://packetstormsecurity.com/files/133378/Cyberoam-CR500iNG-XP-10.6.2-MR-1-Blind-SQL-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133378/Cyberoam-CR500iNG-XP-10.6.2-MR-1-Blind-SQL-Injection.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter to login.xml." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/133378/Cyberoam-CR500iNG-XP-10.6.2-MR-1-Blind-SQL-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133378/Cyberoam-CR500iNG-XP-10.6.2-MR-1-Blind-SQL-Injection.html" + }, + { + "name": "38034", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/38034/" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6984.json b/2015/6xxx/CVE-2015-6984.json index 72c2a1414f8..edd455d30fa 100644 --- a/2015/6xxx/CVE-2015-6984.json +++ b/2015/6xxx/CVE-2015-6984.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6984", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that conducts an unspecified symlink attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-6984", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205375", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205375" - }, - { - "name" : "APPLE-SA-2015-10-21-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted app that conducts an unspecified symlink attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-10-21-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" + }, + { + "name": "https://support.apple.com/HT205375", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205375" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7240.json b/2015/7xxx/CVE-2015-7240.json index 617646f76b7..45758a73364 100644 --- a/2015/7xxx/CVE-2015-7240.json +++ b/2015/7xxx/CVE-2015-7240.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7240", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7240", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7343.json b/2015/7xxx/CVE-2015-7343.json index 3b0fe2fe687..78269dfc629 100644 --- a/2015/7xxx/CVE-2015-7343.json +++ b/2015/7xxx/CVE-2015-7343.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7343", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7343", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0287.json b/2016/0xxx/CVE-2016-0287.json index 5e13ed59ff5..d7a9a7f5f70 100644 --- a/2016/0xxx/CVE-2016-0287.json +++ b/2016/0xxx/CVE-2016-0287.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2016-0287", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM i Access 7.1 on Windows allows local users to discover registry passwords via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2016-0287", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.tenable.com/security/research/tra-2016-18", - "refsource" : "MISC", - "url" : "https://www.tenable.com/security/research/tra-2016-18" - }, - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=nas8N1021418", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=nas8N1021418" - }, - { - "name" : "SI60523", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1SI60523" - }, - { - "name" : "91706", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91706" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM i Access 7.1 on Windows allows local users to discover registry passwords via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91706", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91706" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1021418", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=nas8N1021418" + }, + { + "name": "SI60523", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1SI60523" + }, + { + "name": "https://www.tenable.com/security/research/tra-2016-18", + "refsource": "MISC", + "url": "https://www.tenable.com/security/research/tra-2016-18" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0358.json b/2016/0xxx/CVE-2016-0358.json index 6ae451c29b2..6c966622d51 100644 --- a/2016/0xxx/CVE-2016-0358.json +++ b/2016/0xxx/CVE-2016-0358.json @@ -1,85 +1,85 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2017-08-25T00:00:00", - "ID" : "CVE-2016-0358", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Sametime", - "version" : { - "version_data" : [ - { - "version_value" : "8.5.2" - }, - { - "version_value" : "8.5.2.1" - }, - { - "version_value" : "9.0" - }, - { - "version_value" : "9.0.0.1" - }, - { - "version_value" : "9.0.1" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated user to enumerate group chat ID numbers and join meetings that he was not invited to. IBM X-Force ID: 111928." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Access" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2017-08-25T00:00:00", + "ID": "CVE-2016-0358", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Sametime", + "version": { + "version_data": [ + { + "version_value": "8.5.2" + }, + { + "version_value": "8.5.2.1" + }, + { + "version_value": "9.0" + }, + { + "version_value": "9.0.0.1" + }, + { + "version_value": "9.0.1" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/111928", - "refsource" : "MISC", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/111928" - }, - { - "name" : "http://www.ibm.com/support/docview.wss?uid=swg22006441", - "refsource" : "CONFIRM", - "url" : "http://www.ibm.com/support/docview.wss?uid=swg22006441" - }, - { - "name" : "100572", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/100572" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Sametime 8.5.2 and 9.0 could allow an unauthorized authenticated user to enumerate group chat ID numbers and join meetings that he was not invited to. IBM X-Force ID: 111928." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Access" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.ibm.com/support/docview.wss?uid=swg22006441", + "refsource": "CONFIRM", + "url": "http://www.ibm.com/support/docview.wss?uid=swg22006441" + }, + { + "name": "100572", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/100572" + }, + { + "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/111928", + "refsource": "MISC", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/111928" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0463.json b/2016/0xxx/CVE-2016-0463.json index 74ce8319288..fd4b26c6dff 100644 --- a/2016/0xxx/CVE-2016-0463.json +++ b/2016/0xxx/CVE-2016-0463.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0463", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality via unknown vectors related to Portal." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0463", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "1034720", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034720" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality via unknown vectors related to Portal." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "1034720", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034720" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0504.json b/2016/0xxx/CVE-2016-0504.json index 52593ba41a6..deb6a8ddc1a 100644 --- a/2016/0xxx/CVE-2016-0504.json +++ b/2016/0xxx/CVE-2016-0504.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0504", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0503." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0504", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "RHSA-2016:0705", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html" - }, - { - "name" : "openSUSE-SU-2016:0367", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" - }, - { - "name" : "openSUSE-SU-2016:0377", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" - }, - { - "name" : "USN-2881-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2881-1" - }, - { - "name" : "81077", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81077" - }, - { - "name" : "1034708", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via vectors related to DML, a different vulnerability than CVE-2016-0503." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "81077", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81077" + }, + { + "name": "openSUSE-SU-2016:0367", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" + }, + { + "name": "1034708", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034708" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "USN-2881-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2881-1" + }, + { + "name": "openSUSE-SU-2016:0377", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" + }, + { + "name": "RHSA-2016:0705", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000103.json b/2016/1000xxx/CVE-2016-1000103.json index f88adb38f5a..fa5bf2e4fcd 100644 --- a/2016/1000xxx/CVE-2016-1000103.json +++ b/2016/1000xxx/CVE-2016-1000103.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000103", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000103", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10393.json b/2016/10xxx/CVE-2016-10393.json index 585930dfd19..c7cec44aa0a 100644 --- a/2016/10xxx/CVE-2016-10393.json +++ b/2016/10xxx/CVE-2016-10393.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "ID" : "CVE-2016-10393", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a clip with large size values, integer arithmetic overflows, and allocated buffer size will be less than intended buffer size. The following buffer operations will overflow the allocated buffer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "ID": "CVE-2016-10393", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-03-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-03-01" - }, - { - "name" : "103292", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103292" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a clip with large size values, integer arithmetic overflows, and allocated buffer size will be less than intended buffer size. The following buffer operations will overflow the allocated buffer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-03-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-03-01" + }, + { + "name": "103292", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103292" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10456.json b/2016/10xxx/CVE-2016-10456.json index 0f26a7d93ad..fe6db582af9 100644 --- a/2016/10xxx/CVE-2016-10456.json +++ b/2016/10xxx/CVE-2016-10456.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10456", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, if radish is executed with an interface name set to an invalid interface name, an arbitrary command of 15 characters or less may be executed as a system call." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper input validation in radish results in arbitrary command injection" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10456", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, if radish is executed with an interface name set to an invalid interface name, an arbitrary command of 15 characters or less may be executed as a system call." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper input validation in radish results in arbitrary command injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4208.json b/2016/4xxx/CVE-2016-4208.json index 84d130e9a32..2866a0ba33e 100644 --- a/2016/4xxx/CVE-2016-4208.json +++ b/2016/4xxx/CVE-2016-4208.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4208", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-4208", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40098", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40098/" - }, - { - "name" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" - }, - { - "name" : "91716", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91716" - }, - { - "name" : "1036281", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036281" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4191, CVE-2016-4192, CVE-2016-4193, CVE-2016-4194, CVE-2016-4195, CVE-2016-4196, CVE-2016-4197, CVE-2016-4198, CVE-2016-4199, CVE-2016-4200, CVE-2016-4201, CVE-2016-4202, CVE-2016-4203, CVE-2016-4204, CVE-2016-4205, CVE-2016-4206, CVE-2016-4207, CVE-2016-4211, CVE-2016-4212, CVE-2016-4213, CVE-2016-4214, CVE-2016-4250, CVE-2016-4251, CVE-2016-4252, and CVE-2016-4254." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91716", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91716" + }, + { + "name": "1036281", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036281" + }, + { + "name": "40098", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40098/" + }, + { + "name": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/acrobat/apsb16-26.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4306.json b/2016/4xxx/CVE-2016-4306.json index 38661851920..6993d0aa8a6 100644 --- a/2016/4xxx/CVE-2016-4306.json +++ b/2016/4xxx/CVE-2016-4306.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-4306", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Total Security", - "version" : { - "version_data" : [ - { - "version_value" : "16.0.0.614" - } - ] - } - } - ] - }, - "vendor_name" : "Kaspersky" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses that may be useful in bypassing kernel mitigations. An unprivileged user can run a program from user-mode to trigger this vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "unspecified" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-4306", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Total Security", + "version": { + "version_data": [ + { + "version_value": "16.0.0.614" + } + ] + } + } + ] + }, + "vendor_name": "Kaspersky" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0168/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0168/" - }, - { - "name" : "1036702", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036702" - }, - { - "name" : "1036703", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036703" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple information leaks exist in various IOCTL handlers of the Kaspersky Internet Security KLDISK driver. Specially crafted IOCTL requests can cause the driver to return out-of-bounds kernel memory, potentially leaking sensitive information such as privileged tokens or kernel memory addresses that may be useful in bypassing kernel mitigations. An unprivileged user can run a program from user-mode to trigger this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "unspecified" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1036702", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036702" + }, + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0168/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0168/" + }, + { + "name": "1036703", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036703" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4327.json b/2016/4xxx/CVE-2016-4327.json index fe7cbef6a2b..3e3741fb919 100644 --- a/2016/4xxx/CVE-2016-4327.json +++ b/2016/4xxx/CVE-2016-4327.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4327", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in WSO2 SOA Enablement Server for Java/6.6 build SSJ-6.6-20090827-1616 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-4327", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160517 WSO2 SOA Enablement Server - Reflected Cross-Site Scripting", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538413/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/137073/WSO2-SOA-Enablement-Server-Cross-Site-Scripting.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/137073/WSO2-SOA-Enablement-Server-Cross-Site-Scripting.html" - }, - { - "name" : "85893", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/85893" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in WSO2 SOA Enablement Server for Java/6.6 build SSJ-6.6-20090827-1616 and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160517 WSO2 SOA Enablement Server - Reflected Cross-Site Scripting", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538413/100/0/threaded" + }, + { + "name": "http://packetstormsecurity.com/files/137073/WSO2-SOA-Enablement-Server-Cross-Site-Scripting.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/137073/WSO2-SOA-Enablement-Server-Cross-Site-Scripting.html" + }, + { + "name": "85893", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/85893" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4415.json b/2016/4xxx/CVE-2016-4415.json index 7e63f5b4f77..1084a4e63ff 100644 --- a/2016/4xxx/CVE-2016-4415.json +++ b/2016/4xxx/CVE-2016-4415.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4415", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 2.x before 2.0.2 incorrectly increases a certain octet count, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4415", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://code.google.com/p/google-security-research/issues/detail?id=647", - "refsource" : "MISC", - "url" : "https://code.google.com/p/google-security-research/issues/detail?id=647" - }, - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11795", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11795" - }, - { - "name" : "https://www.wireshark.org/security/wnpa-sec-2016-12.html", - "refsource" : "CONFIRM", - "url" : "https://www.wireshark.org/security/wnpa-sec-2016-12.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 2.x before 2.0.2 incorrectly increases a certain octet count, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.wireshark.org/security/wnpa-sec-2016-12.html", + "refsource": "CONFIRM", + "url": "https://www.wireshark.org/security/wnpa-sec-2016-12.html" + }, + { + "name": "https://code.google.com/p/google-security-research/issues/detail?id=647", + "refsource": "MISC", + "url": "https://code.google.com/p/google-security-research/issues/detail?id=647" + }, + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11795", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11795" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4601.json b/2016/4xxx/CVE-2016-4601.json index a1ddecef345..59dd71dd684 100644 --- a/2016/4xxx/CVE-2016-4601.json +++ b/2016/4xxx/CVE-2016-4601.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@apple.com", - "ID" : "CVE-2016-4601", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SGI image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-4601", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT206903", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206903" - }, - { - "name" : "APPLE-SA-2016-07-18-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" - }, - { - "name" : "91824", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91824" - }, - { - "name" : "1036348", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QuickTime in Apple OS X before 10.11.6 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted SGI image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91824", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91824" + }, + { + "name": "APPLE-SA-2016-07-18-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html" + }, + { + "name": "1036348", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036348" + }, + { + "name": "https://support.apple.com/HT206903", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206903" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9583.json b/2016/9xxx/CVE-2016-9583.json index 41979ae3532..523837fed1f 100644 --- a/2016/9xxx/CVE-2016-9583.json +++ b/2016/9xxx/CVE-2016-9583.json @@ -1,111 +1,111 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psampaio@redhat.com", - "ID" : "CVE-2016-9583", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "jasper", - "version" : { - "version_data" : [ - { - "version_value" : "2.0.6" - } - ] - } - } - ] - }, - "vendor_name" : "The Jasper Project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input." - } - ] - }, - "impact" : { - "cvss" : [ - [ - { - "vectorString" : "5.5/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "version" : "3.0" - } - ], - [ - { - "vectorString" : "4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P", - "version" : "2.0" - } - ] - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-190" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-9583", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "jasper", + "version": { + "version_data": [ + { + "version_value": "2.0.6" + } + ] + } + } + ] + }, + "vendor_name": "The Jasper Project" + } ] - }, - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-125" - } + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input." + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "5.5/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "version": "3.0" + } + ], + [ + { + "vectorString": "4.3/AV:N/AC:M/Au:N/C:N/I:N/A:P", + "version": "2.0" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9583", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9583" - }, - { - "name" : "https://github.com/mdadams/jasper/commit/aa0b0f79ade5eef8b0e7a214c03f5af54b36ba7d", - "refsource" : "CONFIRM", - "url" : "https://github.com/mdadams/jasper/commit/aa0b0f79ade5eef8b0e7a214c03f5af54b36ba7d" - }, - { - "name" : "https://github.com/mdadams/jasper/commit/f25486c3d4aa472fec79150f2c41ed4333395d3d", - "refsource" : "CONFIRM", - "url" : "https://github.com/mdadams/jasper/commit/f25486c3d4aa472fec79150f2c41ed4333395d3d" - }, - { - "name" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", - "refsource" : "CONFIRM", - "url" : "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" - }, - { - "name" : "RHSA-2017:1208", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2017:1208" - }, - { - "name" : "94925", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/94925" - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-190" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-125" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", + "refsource": "CONFIRM", + "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html" + }, + { + "name": "https://github.com/mdadams/jasper/commit/aa0b0f79ade5eef8b0e7a214c03f5af54b36ba7d", + "refsource": "CONFIRM", + "url": "https://github.com/mdadams/jasper/commit/aa0b0f79ade5eef8b0e7a214c03f5af54b36ba7d" + }, + { + "name": "RHSA-2017:1208", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2017:1208" + }, + { + "name": "94925", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/94925" + }, + { + "name": "https://github.com/mdadams/jasper/commit/f25486c3d4aa472fec79150f2c41ed4333395d3d", + "refsource": "CONFIRM", + "url": "https://github.com/mdadams/jasper/commit/f25486c3d4aa472fec79150f2c41ed4333395d3d" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9583", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9583" + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9609.json b/2016/9xxx/CVE-2016-9609.json index 7e57769190d..cd64ed25f3f 100644 --- a/2016/9xxx/CVE-2016-9609.json +++ b/2016/9xxx/CVE-2016-9609.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9609", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9609", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9680.json b/2016/9xxx/CVE-2016-9680.json index a44e7ae7787..d358f087505 100644 --- a/2016/9xxx/CVE-2016-9680.json +++ b/2016/9xxx/CVE-2016-9680.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9680", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive information from kernel memory via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-9680", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.citrix.com/article/CTX219580", - "refsource" : "CONFIRM", - "url" : "https://support.citrix.com/article/CTX219580" - }, - { - "name" : "95620", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/95620" - }, - { - "name" : "1037625", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037625" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Citrix Provisioning Services before 7.12 allows attackers to obtain sensitive information from kernel memory via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.citrix.com/article/CTX219580", + "refsource": "CONFIRM", + "url": "https://support.citrix.com/article/CTX219580" + }, + { + "name": "95620", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/95620" + }, + { + "name": "1037625", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037625" + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2131.json b/2019/2xxx/CVE-2019-2131.json index 3e647656ea3..0a5ce5b9f81 100644 --- a/2019/2xxx/CVE-2019-2131.json +++ b/2019/2xxx/CVE-2019-2131.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2131", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2131", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2599.json b/2019/2xxx/CVE-2019-2599.json index 936ee83710c..6898c8fb34b 100644 --- a/2019/2xxx/CVE-2019-2599.json +++ b/2019/2xxx/CVE-2019-2599.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2599", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2599", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2699.json b/2019/2xxx/CVE-2019-2699.json index fddd6e93b8f..547b760501b 100644 --- a/2019/2xxx/CVE-2019-2699.json +++ b/2019/2xxx/CVE-2019-2699.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2699", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2699", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3018.json b/2019/3xxx/CVE-2019-3018.json index a1eb45a4aa8..b5b35b2ea01 100644 --- a/2019/3xxx/CVE-2019-3018.json +++ b/2019/3xxx/CVE-2019-3018.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3018", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3018", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3165.json b/2019/3xxx/CVE-2019-3165.json index 306b17369d2..c16c54c64f8 100644 --- a/2019/3xxx/CVE-2019-3165.json +++ b/2019/3xxx/CVE-2019-3165.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3165", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3165", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3625.json b/2019/3xxx/CVE-2019-3625.json index 2e38cfd42e4..58f1af519d1 100644 --- a/2019/3xxx/CVE-2019-3625.json +++ b/2019/3xxx/CVE-2019-3625.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3625", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3625", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3929.json b/2019/3xxx/CVE-2019-3929.json index 8e54be1eb78..8d84cb54826 100644 --- a/2019/3xxx/CVE-2019-3929.json +++ b/2019/3xxx/CVE-2019-3929.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3929", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3929", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6147.json b/2019/6xxx/CVE-2019-6147.json index 54709efe012..ae18f426e25 100644 --- a/2019/6xxx/CVE-2019-6147.json +++ b/2019/6xxx/CVE-2019-6147.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6147", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6147", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6547.json b/2019/6xxx/CVE-2019-6547.json index 583dce51f8a..b0c12609fb1 100644 --- a/2019/6xxx/CVE-2019-6547.json +++ b/2019/6xxx/CVE-2019-6547.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "ics-cert@hq.dhs.gov", - "DATE_PUBLIC" : "2019-02-19T00:00:00", - "ID" : "CVE-2019-6547", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Delta Industrial Automation CNCSoft", - "version" : { - "version_data" : [ - { - "version_value" : "CNCSoft ScreenEditor Version 1.00.84 and prior." - } - ] - } - } - ] - }, - "vendor_name" : "ICS-CERT" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.84 and prior. An out-of-bounds read vulnerability may cause the software to crash due to lacking user input validation for processing project files." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "OUT-OF-BOUNDS READ CWE-125" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2019-02-19T00:00:00", + "ID": "CVE-2019-6547", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Delta Industrial Automation CNCSoft", + "version": { + "version_data": [ + { + "version_value": "CNCSoft ScreenEditor Version 1.00.84 and prior." + } + ] + } + } + ] + }, + "vendor_name": "ICS-CERT" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-02", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-02" - }, - { - "name" : "107086", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107086" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.84 and prior. An out-of-bounds read vulnerability may cause the software to crash due to lacking user input validation for processing project files." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "OUT-OF-BOUNDS READ CWE-125" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "107086", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107086" + }, + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-02", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-19-050-02" + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6621.json b/2019/6xxx/CVE-2019-6621.json index 06c6455ee44..2dbf857ded4 100644 --- a/2019/6xxx/CVE-2019-6621.json +++ b/2019/6xxx/CVE-2019-6621.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6621", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6621", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6878.json b/2019/6xxx/CVE-2019-6878.json index 1bb03604e8e..49f19c408f4 100644 --- a/2019/6xxx/CVE-2019-6878.json +++ b/2019/6xxx/CVE-2019-6878.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6878", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6878", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6915.json b/2019/6xxx/CVE-2019-6915.json index 2fa2093f2b0..2c6a401cfec 100644 --- a/2019/6xxx/CVE-2019-6915.json +++ b/2019/6xxx/CVE-2019-6915.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6915", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6915", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7913.json b/2019/7xxx/CVE-2019-7913.json index b70316228b5..69275274ae9 100644 --- a/2019/7xxx/CVE-2019-7913.json +++ b/2019/7xxx/CVE-2019-7913.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7913", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7913", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8070.json b/2019/8xxx/CVE-2019-8070.json index 4ba0368cc4d..ccba0a048bd 100644 --- a/2019/8xxx/CVE-2019-8070.json +++ b/2019/8xxx/CVE-2019-8070.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8070", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8070", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8388.json b/2019/8xxx/CVE-2019-8388.json index f8c3d3cefc9..f5a2e5b088f 100644 --- a/2019/8xxx/CVE-2019-8388.json +++ b/2019/8xxx/CVE-2019-8388.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8388", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8388", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8658.json b/2019/8xxx/CVE-2019-8658.json index 42cafaa4037..f8e62af6dfa 100644 --- a/2019/8xxx/CVE-2019-8658.json +++ b/2019/8xxx/CVE-2019-8658.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8658", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8658", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9185.json b/2019/9xxx/CVE-2019-9185.json index f68d06ea652..e999ccdfc6f 100644 --- a/2019/9xxx/CVE-2019-9185.json +++ b/2019/9xxx/CVE-2019-9185.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9185", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9185", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/bolt/bolt/blob/v3.6.5/changelog.md", - "refsource" : "MISC", - "url" : "https://github.com/bolt/bolt/blob/v3.6.5/changelog.md" - }, - { - "name" : "https://github.com/bolt/bolt/pull/7745", - "refsource" : "MISC", - "url" : "https://github.com/bolt/bolt/pull/7745" - }, - { - "name" : "https://github.com/bolt/bolt/releases/tag/v3.6.5", - "refsource" : "MISC", - "url" : "https://github.com/bolt/bolt/releases/tag/v3.6.5" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/bolt/bolt/releases/tag/v3.6.5", + "refsource": "MISC", + "url": "https://github.com/bolt/bolt/releases/tag/v3.6.5" + }, + { + "name": "https://github.com/bolt/bolt/pull/7745", + "refsource": "MISC", + "url": "https://github.com/bolt/bolt/pull/7745" + }, + { + "name": "https://github.com/bolt/bolt/blob/v3.6.5/changelog.md", + "refsource": "MISC", + "url": "https://github.com/bolt/bolt/blob/v3.6.5/changelog.md" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9567.json b/2019/9xxx/CVE-2019-9567.json index fc0e8185bdc..412ba529027 100644 --- a/2019/9xxx/CVE-2019-9567.json +++ b/2019/9xxx/CVE-2019-9567.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9567", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The \"Forminator Contact Form, Poll & Quiz Builder\" plugin before 1.6 for WordPress has XSS via a custom input field of a poll." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9567", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://lists.openwall.net/full-disclosure/2019/02/05/4", - "refsource" : "MISC", - "url" : "https://lists.openwall.net/full-disclosure/2019/02/05/4" - }, - { - "name" : "https://security-consulting.icu/blog/2019/02/wordpress-forminator-persistent-xss-blind-sql-injection/", - "refsource" : "MISC", - "url" : "https://security-consulting.icu/blog/2019/02/wordpress-forminator-persistent-xss-blind-sql-injection/" - }, - { - "name" : "https://wordpress.org/plugins/forminator/#developers", - "refsource" : "MISC", - "url" : "https://wordpress.org/plugins/forminator/#developers" - }, - { - "name" : "https://wpvulndb.com/vulnerabilities/9215", - "refsource" : "MISC", - "url" : "https://wpvulndb.com/vulnerabilities/9215" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The \"Forminator Contact Form, Poll & Quiz Builder\" plugin before 1.6 for WordPress has XSS via a custom input field of a poll." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://lists.openwall.net/full-disclosure/2019/02/05/4", + "refsource": "MISC", + "url": "https://lists.openwall.net/full-disclosure/2019/02/05/4" + }, + { + "name": "https://security-consulting.icu/blog/2019/02/wordpress-forminator-persistent-xss-blind-sql-injection/", + "refsource": "MISC", + "url": "https://security-consulting.icu/blog/2019/02/wordpress-forminator-persistent-xss-blind-sql-injection/" + }, + { + "name": "https://wordpress.org/plugins/forminator/#developers", + "refsource": "MISC", + "url": "https://wordpress.org/plugins/forminator/#developers" + }, + { + "name": "https://wpvulndb.com/vulnerabilities/9215", + "refsource": "MISC", + "url": "https://wpvulndb.com/vulnerabilities/9215" + } + ] + } +} \ No newline at end of file