From fc9bf59a1b3612d43788b8aa67a268bfb9ba5a68 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 06:08:02 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0013.json | 34 ++-- 2007/0xxx/CVE-2007-0138.json | 140 ++++++++--------- 2007/0xxx/CVE-2007-0653.json | 240 ++++++++++++++--------------- 2007/0xxx/CVE-2007-0874.json | 180 +++++++++++----------- 2007/3xxx/CVE-2007-3329.json | 200 ++++++++++++------------ 2007/3xxx/CVE-2007-3443.json | 180 +++++++++++----------- 2007/3xxx/CVE-2007-3705.json | 140 ++++++++--------- 2007/3xxx/CVE-2007-3732.json | 34 ++-- 2007/3xxx/CVE-2007-3852.json | 170 ++++++++++---------- 2007/3xxx/CVE-2007-3874.json | 180 +++++++++++----------- 2007/4xxx/CVE-2007-4419.json | 220 +++++++++++++------------- 2007/4xxx/CVE-2007-4779.json | 170 ++++++++++---------- 2014/5xxx/CVE-2014-5001.json | 140 ++++++++--------- 2014/5xxx/CVE-2014-5096.json | 34 ++-- 2014/5xxx/CVE-2014-5225.json | 34 ++-- 2014/5xxx/CVE-2014-5378.json | 34 ++-- 2014/5xxx/CVE-2014-5388.json | 170 ++++++++++---------- 2014/5xxx/CVE-2014-5416.json | 34 ++-- 2014/5xxx/CVE-2014-5479.json | 34 ++-- 2015/2xxx/CVE-2015-2482.json | 170 ++++++++++---------- 2015/2xxx/CVE-2015-2606.json | 140 ++++++++--------- 2015/6xxx/CVE-2015-6455.json | 34 ++-- 2015/6xxx/CVE-2015-6487.json | 34 ++-- 2015/6xxx/CVE-2015-6580.json | 130 ++++++++-------- 2015/6xxx/CVE-2015-6819.json | 140 ++++++++--------- 2015/7xxx/CVE-2015-7138.json | 34 ++-- 2015/7xxx/CVE-2015-7308.json | 34 ++-- 2015/7xxx/CVE-2015-7368.json | 160 +++++++++---------- 2016/0xxx/CVE-2016-0593.json | 34 ++-- 2016/0xxx/CVE-2016-0727.json | 170 ++++++++++---------- 2016/0xxx/CVE-2016-0739.json | 210 ++++++++++++------------- 2016/0xxx/CVE-2016-0870.json | 130 ++++++++-------- 2016/1000xxx/CVE-2016-1000001.json | 120 +++++++-------- 2016/10xxx/CVE-2016-10386.json | 142 ++++++++--------- 2016/4xxx/CVE-2016-4416.json | 130 ++++++++-------- 2016/4xxx/CVE-2016-4456.json | 130 ++++++++-------- 2016/4xxx/CVE-2016-4918.json | 34 ++-- 2016/4xxx/CVE-2016-4981.json | 34 ++-- 2016/9xxx/CVE-2016-9658.json | 34 ++-- 2019/2xxx/CVE-2019-2729.json | 34 ++-- 2019/2xxx/CVE-2019-2759.json | 34 ++-- 2019/2xxx/CVE-2019-2856.json | 34 ++-- 2019/3xxx/CVE-2019-3683.json | 34 ++-- 2019/3xxx/CVE-2019-3691.json | 34 ++-- 2019/3xxx/CVE-2019-3762.json | 34 ++-- 2019/3xxx/CVE-2019-3789.json | 34 ++-- 2019/6xxx/CVE-2019-6369.json | 34 ++-- 2019/6xxx/CVE-2019-6612.json | 34 ++-- 2019/6xxx/CVE-2019-6622.json | 34 ++-- 2019/6xxx/CVE-2019-6904.json | 34 ++-- 2019/7xxx/CVE-2019-7314.json | 140 ++++++++--------- 2019/7xxx/CVE-2019-7333.json | 120 +++++++-------- 2019/7xxx/CVE-2019-7632.json | 120 +++++++-------- 2019/7xxx/CVE-2019-7762.json | 34 ++-- 2019/7xxx/CVE-2019-7927.json | 34 ++-- 2019/8xxx/CVE-2019-8017.json | 34 ++-- 2019/8xxx/CVE-2019-8093.json | 34 ++-- 2019/8xxx/CVE-2019-8252.json | 34 ++-- 2019/8xxx/CVE-2019-8560.json | 34 ++-- 2019/9xxx/CVE-2019-9147.json | 34 ++-- 2019/9xxx/CVE-2019-9386.json | 34 ++-- 2019/9xxx/CVE-2019-9620.json | 34 ++-- 62 files changed, 2736 insertions(+), 2736 deletions(-) diff --git a/2007/0xxx/CVE-2007-0013.json b/2007/0xxx/CVE-2007-0013.json index 6b3f86c8310..52e4ad0c11a 100644 --- a/2007/0xxx/CVE-2007-0013.json +++ b/2007/0xxx/CVE-2007-0013.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0013", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0013", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0138.json b/2007/0xxx/CVE-2007-0138.json index 0bf30990074..fea0ed19d66 100644 --- a/2007/0xxx/CVE-2007-0138.json +++ b/2007/0xxx/CVE-2007-0138.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0138", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO begins with (1) AbfrageForm or (2) EingabeForm, allows remote attackers to cause a denial of service (daemon crash) via multiple requests containing many /../ sequences in the Name parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0138", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "32546", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32546" - }, - { - "name" : "23539", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23539" - }, - { - "name" : "formbankserver-formbank-dos(31216)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31216" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "formbankcgi.exe in Fersch Formbankserver 1.9, when the PATH_INFO begins with (1) AbfrageForm or (2) EingabeForm, allows remote attackers to cause a denial of service (daemon crash) via multiple requests containing many /../ sequences in the Name parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "32546", + "refsource": "OSVDB", + "url": "http://osvdb.org/32546" + }, + { + "name": "formbankserver-formbank-dos(31216)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31216" + }, + { + "name": "23539", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23539" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0653.json b/2007/0xxx/CVE-2007-0653.json index 05fc1f4659c..6a4bb9bba2a 100644 --- a/2007/0xxx/CVE-2007-0653.json +++ b/2007/0xxx/CVE-2007-0653.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0653", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "PSIRT-CNA@flexerasoftware.com", + "ID": "CVE-2007-0653", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070321 Secunia Research: XMMS Integer Overflow and UnderflowVulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463408/100/0/threaded" - }, - { - "name" : "http://secunia.com/secunia_research/2007-47/advisory/", - "refsource" : "MISC", - "url" : "http://secunia.com/secunia_research/2007-47/advisory/" - }, - { - "name" : "DSA-1277", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1277" - }, - { - "name" : "MDKSA-2007:071", - "refsource" : "MANDRIVA", - "url" : "http://www.mandriva.com/security/advisories?name=MDKSA-2007:071" - }, - { - "name" : "SUSE-SR:2007:006", - "refsource" : "SUSE", - "url" : "http://www.novell.com/linux/security/advisories/2007_6_sr.html" - }, - { - "name" : "USN-445-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-445-1" - }, - { - "name" : "23078", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23078" - }, - { - "name" : "ADV-2007-1057", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1057" - }, - { - "name" : "23986", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23986" - }, - { - "name" : "24645", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24645" - }, - { - "name" : "24804", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24804" - }, - { - "name" : "24889", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24889" - }, - { - "name" : "xmms-skinbitmap-code-execution(33205)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33205" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in X MultiMedia System (xmms) 1.2.10, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via crafted header information in a skin bitmap image, which triggers memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23078", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23078" + }, + { + "name": "23986", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23986" + }, + { + "name": "24889", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24889" + }, + { + "name": "xmms-skinbitmap-code-execution(33205)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33205" + }, + { + "name": "USN-445-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-445-1" + }, + { + "name": "SUSE-SR:2007:006", + "refsource": "SUSE", + "url": "http://www.novell.com/linux/security/advisories/2007_6_sr.html" + }, + { + "name": "MDKSA-2007:071", + "refsource": "MANDRIVA", + "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:071" + }, + { + "name": "DSA-1277", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1277" + }, + { + "name": "24804", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24804" + }, + { + "name": "ADV-2007-1057", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1057" + }, + { + "name": "20070321 Secunia Research: XMMS Integer Overflow and UnderflowVulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463408/100/0/threaded" + }, + { + "name": "http://secunia.com/secunia_research/2007-47/advisory/", + "refsource": "MISC", + "url": "http://secunia.com/secunia_research/2007-47/advisory/" + }, + { + "name": "24645", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24645" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0874.json b/2007/0xxx/CVE-2007-0874.json index e93eeb1f764..2b3f7d4929e 100644 --- a/2007/0xxx/CVE-2007-0874.json +++ b/2007/0xxx/CVE-2007-0874.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0874", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Allons_voter 1.0 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) admin_ajouter.php or (2) admin_supprimer.php. NOTE: this could be leveraged to conduct cross-site scripting (XSS) attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0874", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070209 Allons_voter Version 1.0 xss and admin votes", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/459652/100/0/threaded" - }, - { - "name" : "http://forums.avenir-geopolitique.net/viewtopic.php?t=2641", - "refsource" : "MISC", - "url" : "http://forums.avenir-geopolitique.net/viewtopic.php?t=2641" - }, - { - "name" : "22508", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22508" - }, - { - "name" : "33690", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33690" - }, - { - "name" : "33691", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33691" - }, - { - "name" : "2234", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2234" - }, - { - "name" : "allonsvoter-admin-authentication-bypass(32431)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32431" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Allons_voter 1.0 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) admin_ajouter.php or (2) admin_supprimer.php. NOTE: this could be leveraged to conduct cross-site scripting (XSS) attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2641", + "refsource": "MISC", + "url": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2641" + }, + { + "name": "33690", + "refsource": "OSVDB", + "url": "http://osvdb.org/33690" + }, + { + "name": "22508", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22508" + }, + { + "name": "33691", + "refsource": "OSVDB", + "url": "http://osvdb.org/33691" + }, + { + "name": "allonsvoter-admin-authentication-bypass(32431)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32431" + }, + { + "name": "2234", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2234" + }, + { + "name": "20070209 Allons_voter Version 1.0 xss and admin votes", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/459652/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3329.json b/2007/3xxx/CVE-2007-3329.json index 0c465984a8e..a75a68c1a24 100644 --- a/2007/3xxx/CVE-2007-3329.json +++ b/2007/3xxx/CVE-2007-3329.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3329", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple array index errors in the (1) get_intra_block, (2) get_inter_block_h263, and (3) get_inter_block_mpeg functions in src/bitstream/mbcoding.c in Xvid 1.1.2 allow remote attackers to execute arbitrary code via a crafted (a) Avi, (b) H.263, or (c) MPEG file." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3329", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.gentoo.org/show_bug.cgi?id=183145", - "refsource" : "CONFIRM", - "url" : "http://bugs.gentoo.org/show_bug.cgi?id=183145" - }, - { - "name" : "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/bitstream/mbcoding.c", - "refsource" : "CONFIRM", - "url" : "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/bitstream/mbcoding.c" - }, - { - "name" : "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/bitstream/mbcoding.c?r1=1.54&r2=1.55", - "refsource" : "CONFIRM", - "url" : "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/bitstream/mbcoding.c?r1=1.54&r2=1.55" - }, - { - "name" : "GLSA-200708-02", - "refsource" : "GENTOO", - "url" : "http://www.gentoo.org/security/en/glsa/glsa-200708-02.xml" - }, - { - "name" : "24561", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24561" - }, - { - "name" : "37728", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37728" - }, - { - "name" : "25711", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25711" - }, - { - "name" : "26353", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26353" - }, - { - "name" : "xvid-getintrablock-code-execution(34949)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/34949" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple array index errors in the (1) get_intra_block, (2) get_inter_block_h263, and (3) get_inter_block_mpeg functions in src/bitstream/mbcoding.c in Xvid 1.1.2 allow remote attackers to execute arbitrary code via a crafted (a) Avi, (b) H.263, or (c) MPEG file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-200708-02", + "refsource": "GENTOO", + "url": "http://www.gentoo.org/security/en/glsa/glsa-200708-02.xml" + }, + { + "name": "25711", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25711" + }, + { + "name": "26353", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26353" + }, + { + "name": "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/bitstream/mbcoding.c?r1=1.54&r2=1.55", + "refsource": "CONFIRM", + "url": "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/bitstream/mbcoding.c?r1=1.54&r2=1.55" + }, + { + "name": "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/bitstream/mbcoding.c", + "refsource": "CONFIRM", + "url": "http://cvs.xvid.org/cvs/viewvc.cgi/xvidcore/src/bitstream/mbcoding.c" + }, + { + "name": "37728", + "refsource": "OSVDB", + "url": "http://osvdb.org/37728" + }, + { + "name": "24561", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24561" + }, + { + "name": "http://bugs.gentoo.org/show_bug.cgi?id=183145", + "refsource": "CONFIRM", + "url": "http://bugs.gentoo.org/show_bug.cgi?id=183145" + }, + { + "name": "xvid-getintrablock-code-execution(34949)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34949" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3443.json b/2007/3xxx/CVE-2007-3443.json index b295cc3bf18..9d83e189a0d 100644 --- a/2007/3xxx/CVE-2007-3443.json +++ b/2007/3xxx/CVE-2007-3443.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3443", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 does not properly manage transaction states, which allows remote attackers to cause a denial of service (temporary device hang) by sending a certain SIP INVITE message, but not providing an ACK when the call is answered." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3443", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=213&", - "refsource" : "MISC", - "url" : "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=213&" - }, - { - "name" : "http://www.blackberry.com/btsc/articles/220/KB12705_f.SAL_Public.html", - "refsource" : "CONFIRM", - "url" : "http://www.blackberry.com/btsc/articles/220/KB12705_f.SAL_Public.html" - }, - { - "name" : "VU#324841", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/324841" - }, - { - "name" : "24545", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/24545" - }, - { - "name" : "37647", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37647" - }, - { - "name" : "25824", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25824" - }, - { - "name" : "blackberry-invitemessage-dos(35075)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/35075" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 does not properly manage transaction states, which allows remote attackers to cause a denial of service (temporary device hang) by sending a certain SIP INVITE message, but not providing an ACK when the call is answered." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.blackberry.com/btsc/articles/220/KB12705_f.SAL_Public.html", + "refsource": "CONFIRM", + "url": "http://www.blackberry.com/btsc/articles/220/KB12705_f.SAL_Public.html" + }, + { + "name": "blackberry-invitemessage-dos(35075)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35075" + }, + { + "name": "37647", + "refsource": "OSVDB", + "url": "http://osvdb.org/37647" + }, + { + "name": "VU#324841", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/324841" + }, + { + "name": "25824", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25824" + }, + { + "name": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=213&", + "refsource": "MISC", + "url": "http://www.sipera.com/index.php?action=resources,threat_advisory&tid=213&" + }, + { + "name": "24545", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/24545" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3705.json b/2007/3xxx/CVE-2007-3705.json index 80415931a28..e101b5c067e 100644 --- a/2007/3xxx/CVE-2007-3705.json +++ b/2007/3xxx/CVE-2007-3705.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3705", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVAR_SUBCAT (txForumID) parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3705", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070618 Fusetalk SQL injection submission.", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/471637/100/200/threaded" - }, - { - "name" : "37140", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37140" - }, - { - "name" : "2879", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2879" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in FuseTalk 2.0 allows remote attackers to execute arbitrary SQL commands via the FTVAR_SUBCAT (txForumID) parameter to forum/index.cfm and possibly other unspecified components, related to forum/include/error/forumerror.cfm." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2879", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2879" + }, + { + "name": "20070618 Fusetalk SQL injection submission.", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/471637/100/200/threaded" + }, + { + "name": "37140", + "refsource": "OSVDB", + "url": "http://osvdb.org/37140" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3732.json b/2007/3xxx/CVE-2007-3732.json index b29e564b53b..ad276dc66d0 100644 --- a/2007/3xxx/CVE-2007-3732.json +++ b/2007/3xxx/CVE-2007-3732.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3732", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3732", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3852.json b/2007/3xxx/CVE-2007-3852.json index 9a0898809aa..e3d3ace9764 100644 --- a/2007/3xxx/CVE-2007-3852.json +++ b/2007/3xxx/CVE-2007-3852.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3852", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2007-3852", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.gentoo.org/show_bug.cgi?id=188808", - "refsource" : "CONFIRM", - "url" : "https://bugs.gentoo.org/show_bug.cgi?id=188808" - }, - { - "name" : "RHSA-2011:1005", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2011-1005.html" - }, - { - "name" : "25380", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25380" - }, - { - "name" : "39709", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39709" - }, - { - "name" : "26527", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26527" - }, - { - "name" : "sysstat-init-privilege-escalation(36045)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36045" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates /tmp/sysstat.run insecurely, which allows local users to execute arbitrary code." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26527", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26527" + }, + { + "name": "sysstat-init-privilege-escalation(36045)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36045" + }, + { + "name": "25380", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25380" + }, + { + "name": "39709", + "refsource": "OSVDB", + "url": "http://osvdb.org/39709" + }, + { + "name": "https://bugs.gentoo.org/show_bug.cgi?id=188808", + "refsource": "CONFIRM", + "url": "https://bugs.gentoo.org/show_bug.cgi?id=188808" + }, + { + "name": "RHSA-2011:1005", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2011-1005.html" + } + ] + } +} \ No newline at end of file diff --git a/2007/3xxx/CVE-2007-3874.json b/2007/3xxx/CVE-2007-3874.json index e813fb9ff94..2f4fd9d3398 100644 --- a/2007/3xxx/CVE-2007-3874.json +++ b/2007/3xxx/CVE-2007-3874.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-3874", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in the tftp/mftp daemon in the PXE server component (pxemtftp.exe) in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows remote attackers to read arbitrary files via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-3874", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071031 Symantec Altiris Deployment Solution TFTP/MTFTP Service Directory Traversal Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=619" - }, - { - "name" : "http://www.symantec.com/avcenter/security/Content/2007.10.31.html", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/avcenter/security/Content/2007.10.31.html" - }, - { - "name" : "26266", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26266" - }, - { - "name" : "ADV-2007-3673", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3673" - }, - { - "name" : "1018875", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018875" - }, - { - "name" : "27412", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27412" - }, - { - "name" : "symantec-altiris-directory-traversal(38178)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/38178" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in the tftp/mftp daemon in the PXE server component (pxemtftp.exe) in Symantec Altiris Deployment Solution 6.x before 6.8.380.0 allows remote attackers to read arbitrary files via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26266", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26266" + }, + { + "name": "symantec-altiris-directory-traversal(38178)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38178" + }, + { + "name": "http://www.symantec.com/avcenter/security/Content/2007.10.31.html", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/avcenter/security/Content/2007.10.31.html" + }, + { + "name": "ADV-2007-3673", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3673" + }, + { + "name": "1018875", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018875" + }, + { + "name": "27412", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27412" + }, + { + "name": "20071031 Symantec Altiris Deployment Solution TFTP/MTFTP Service Directory Traversal Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=619" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4419.json b/2007/4xxx/CVE-2007-4419.json index 8ea7908daeb..5453523ae32 100644 --- a/2007/4xxx/CVE-2007-4419.json +++ b/2007/4xxx/CVE-2007-4419.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4419", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3_AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4419", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070816 Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/476760/100/0/threaded" - }, - { - "name" : "20070821 Re: Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/477223/100/0/threaded" - }, - { - "name" : "http://myimei.com/security/2007-08-16/olate-download-341adminphpauthentication-bypassing.html", - "refsource" : "MISC", - "url" : "http://myimei.com/security/2007-08-16/olate-download-341adminphpauthentication-bypassing.html" - }, - { - "name" : "http://sourceforge.net/forum/forum.php?forum_id=727807", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/forum/forum.php?forum_id=727807" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?release_id=533628&group_id=188052", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?release_id=533628&group_id=188052" - }, - { - "name" : "http://sourceforge.net/project/shownotes.php?group_id=188052&release_id=533628", - "refsource" : "CONFIRM", - "url" : "http://sourceforge.net/project/shownotes.php?group_id=188052&release_id=533628" - }, - { - "name" : "25343", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25343" - }, - { - "name" : "39714", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/39714" - }, - { - "name" : "26533", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26533" - }, - { - "name" : "3028", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3028" - }, - { - "name" : "olatedownload-admin-security-bypass(36088)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36088" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Admin.php in Olate Download (od) 3.4.1 uses an MD5 hash of the admin username, user id, and group id, to compose the OD3_AutoLogin authentication cookie, which makes it easier for remote attackers to guess the cookie and access the Admin area." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://sourceforge.net/project/shownotes.php?group_id=188052&release_id=533628", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?group_id=188052&release_id=533628" + }, + { + "name": "http://sourceforge.net/forum/forum.php?forum_id=727807", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/forum/forum.php?forum_id=727807" + }, + { + "name": "http://sourceforge.net/project/shownotes.php?release_id=533628&group_id=188052", + "refsource": "CONFIRM", + "url": "http://sourceforge.net/project/shownotes.php?release_id=533628&group_id=188052" + }, + { + "name": "26533", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26533" + }, + { + "name": "http://myimei.com/security/2007-08-16/olate-download-341adminphpauthentication-bypassing.html", + "refsource": "MISC", + "url": "http://myimei.com/security/2007-08-16/olate-download-341adminphpauthentication-bypassing.html" + }, + { + "name": "olatedownload-admin-security-bypass(36088)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36088" + }, + { + "name": "25343", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25343" + }, + { + "name": "20070821 Re: Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/477223/100/0/threaded" + }, + { + "name": "20070816 Olate Download 3.4.1 ~ admin.php ~ Admin authentication bypassing", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/476760/100/0/threaded" + }, + { + "name": "3028", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3028" + }, + { + "name": "39714", + "refsource": "OSVDB", + "url": "http://osvdb.org/39714" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4779.json b/2007/4xxx/CVE-2007-4779.json index c89d189e786..b12d181b226 100644 --- a/2007/4xxx/CVE-2007-4779.json +++ b/2007/4xxx/CVE-2007-4779.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4779", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the archive section." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4779", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070903 Multiple vulnerabilities in Joomla 1.5 RC 1", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/478451/100/0/threaded" - }, - { - "name" : "http://www.joomla.org/content/view/3831/1/", - "refsource" : "CONFIRM", - "url" : "http://www.joomla.org/content/view/3831/1/" - }, - { - "name" : "25508", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25508" - }, - { - "name" : "38416", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38416" - }, - { - "name" : "3108", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3108" - }, - { - "name" : "joomla-archive-xss(36425)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36425" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably related to the archive section." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.joomla.org/content/view/3831/1/", + "refsource": "CONFIRM", + "url": "http://www.joomla.org/content/view/3831/1/" + }, + { + "name": "25508", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25508" + }, + { + "name": "3108", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3108" + }, + { + "name": "20070903 Multiple vulnerabilities in Joomla 1.5 RC 1", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/478451/100/0/threaded" + }, + { + "name": "joomla-archive-xss(36425)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36425" + }, + { + "name": "38416", + "refsource": "OSVDB", + "url": "http://osvdb.org/38416" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5001.json b/2014/5xxx/CVE-2014-5001.json index 862602b3279..d8b223447f0 100644 --- a/2014/5xxx/CVE-2014-5001.json +++ b/2014/5xxx/CVE-2014-5001.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5001", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the (1) mysqldump, (2) pg_dump, (3) mysql, and (4) psql command lines, which allows local users to obtain sensitive information by listing the processes." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5001", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20140707 Vulnerability Report for Ruby Gem kcapifony-2.1.6", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/07/07/21" - }, - { - "name" : "[oss-security] 20140717 Re: Vulnerability Report for Ruby Gem codders-dataset-1.3.2.1 (etc.)", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2014/07/17/5" - }, - { - "name" : "http://www.vapid.dhs.org/advisories/kcapifony-2.1.6.html", - "refsource" : "MISC", - "url" : "http://www.vapid.dhs.org/advisories/kcapifony-2.1.6.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the (1) mysqldump, (2) pg_dump, (3) mysql, and (4) psql command lines, which allows local users to obtain sensitive information by listing the processes." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[oss-security] 20140707 Vulnerability Report for Ruby Gem kcapifony-2.1.6", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/07/07/21" + }, + { + "name": "[oss-security] 20140717 Re: Vulnerability Report for Ruby Gem codders-dataset-1.3.2.1 (etc.)", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2014/07/17/5" + }, + { + "name": "http://www.vapid.dhs.org/advisories/kcapifony-2.1.6.html", + "refsource": "MISC", + "url": "http://www.vapid.dhs.org/advisories/kcapifony-2.1.6.html" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5096.json b/2014/5xxx/CVE-2014-5096.json index 818c6325c08..5b8e0e30f46 100644 --- a/2014/5xxx/CVE-2014-5096.json +++ b/2014/5xxx/CVE-2014-5096.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5096", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5096", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5225.json b/2014/5xxx/CVE-2014-5225.json index 631cc4847d8..f77d2b351e2 100644 --- a/2014/5xxx/CVE-2014-5225.json +++ b/2014/5xxx/CVE-2014-5225.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5225", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-5225", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5378.json b/2014/5xxx/CVE-2014-5378.json index 0929523a60a..d9f0cd5a295 100644 --- a/2014/5xxx/CVE-2014-5378.json +++ b/2014/5xxx/CVE-2014-5378.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5378", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5378", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5388.json b/2014/5xxx/CVE-2014-5388.json index 1046ce320b0..fd750d032a9 100644 --- a/2014/5xxx/CVE-2014-5388.json +++ b/2014/5xxx/CVE-2014-5388.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5388", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2014-5388", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[Qemu-devel] 20140820 [PATCH v2] pcihp: fix possible array out of bounds", - "refsource" : "MLIST", - "url" : "https://lists.gnu.org/archive/html/qemu-devel/2014-08/msg03338.html" - }, - { - "name" : "[oss-security] 20140822 CVE request Qemu: out of bounds memory access", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2014/q3/438" - }, - { - "name" : "[oss-security] 20140822 Re: CVE request Qemu: out of bounds memory access", - "refsource" : "MLIST", - "url" : "http://seclists.org/oss-sec/2014/q3/440" - }, - { - "name" : "http://git.qemu.org/?p=qemu.git;a=commit;h=fa365d7cd11185237471823a5a33d36765454e16", - "refsource" : "CONFIRM", - "url" : "http://git.qemu.org/?p=qemu.git;a=commit;h=fa365d7cd11185237471823a5a33d36765454e16" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1132956", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1132956" - }, - { - "name" : "USN-2409-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2409-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Off-by-one error in the pci_read function in the ACPI PCI hotplug interface (hw/acpi/pcihp.c) in QEMU allows local guest users to obtain sensitive information and have other unspecified impact related to a crafted PCI device that triggers memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[Qemu-devel] 20140820 [PATCH v2] pcihp: fix possible array out of bounds", + "refsource": "MLIST", + "url": "https://lists.gnu.org/archive/html/qemu-devel/2014-08/msg03338.html" + }, + { + "name": "[oss-security] 20140822 CVE request Qemu: out of bounds memory access", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2014/q3/438" + }, + { + "name": "[oss-security] 20140822 Re: CVE request Qemu: out of bounds memory access", + "refsource": "MLIST", + "url": "http://seclists.org/oss-sec/2014/q3/440" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1132956", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1132956" + }, + { + "name": "USN-2409-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2409-1" + }, + { + "name": "http://git.qemu.org/?p=qemu.git;a=commit;h=fa365d7cd11185237471823a5a33d36765454e16", + "refsource": "CONFIRM", + "url": "http://git.qemu.org/?p=qemu.git;a=commit;h=fa365d7cd11185237471823a5a33d36765454e16" + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5416.json b/2014/5xxx/CVE-2014-5416.json index 8964404e827..98c6cbbfcba 100644 --- a/2014/5xxx/CVE-2014-5416.json +++ b/2014/5xxx/CVE-2014-5416.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5416", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2014-5416", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2014/5xxx/CVE-2014-5479.json b/2014/5xxx/CVE-2014-5479.json index 0d42d53121f..7063e2735ca 100644 --- a/2014/5xxx/CVE-2014-5479.json +++ b/2014/5xxx/CVE-2014-5479.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2014-5479", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2014-5479", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2482.json b/2015/2xxx/CVE-2015-2482.json index 0058aa9e7d3..1b6f9c3d4a1 100644 --- a/2015/2xxx/CVE-2015-2482.json +++ b/2015/2xxx/CVE-2015-2482.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2482", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted replace operation with a JavaScript regular expression, aka \"Scripting Engine Memory Corruption Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2482", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40798", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40798/" - }, - { - "name" : "20151013 JScript 5.7 (MSIE 8) RegExpBase::FBadHeader regular expression use-after-free", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Oct/54" - }, - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-515", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-515" - }, - { - "name" : "MS15-106", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106" - }, - { - "name" : "MS15-108", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-108" - }, - { - "name" : "1033800", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033800" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted replace operation with a JavaScript regular expression, aka \"Scripting Engine Memory Corruption Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "MS15-108", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-108" + }, + { + "name": "1033800", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033800" + }, + { + "name": "20151013 JScript 5.7 (MSIE 8) RegExpBase::FBadHeader regular expression use-after-free", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Oct/54" + }, + { + "name": "40798", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40798/" + }, + { + "name": "MS15-106", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-106" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-515", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-515" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2606.json b/2015/2xxx/CVE-2015-2606.json index 733723b4789..f59c530bc14 100644 --- a/2015/2xxx/CVE-2015-2606.json +++ b/2015/2xxx/CVE-2015-2606.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2606", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CVE-2015-4745." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2015-2606", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-352", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-352" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" - }, - { - "name" : "75758", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/75758" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusion Middleware 2.2.2, 2.3, 2.4, 3.0, and 3.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Integrator, a different vulnerability than CVE-2015-2602, CVE-2015-2603, CVE-2015-2604, CVE-2015-2605, and CVE-2015-4745." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-352", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-352" + }, + { + "name": "75758", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/75758" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6455.json b/2015/6xxx/CVE-2015-6455.json index e9ade7df5cd..ffd7dce708a 100644 --- a/2015/6xxx/CVE-2015-6455.json +++ b/2015/6xxx/CVE-2015-6455.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6455", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6455", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6487.json b/2015/6xxx/CVE-2015-6487.json index d1478aea45a..fc6469482ef 100644 --- a/2015/6xxx/CVE-2015-6487.json +++ b/2015/6xxx/CVE-2015-6487.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6487", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-6487", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6580.json b/2015/6xxx/CVE-2015-6580.json index 75a4b484796..91e060a8447 100644 --- a/2015/6xxx/CVE-2015-6580.json +++ b/2015/6xxx/CVE-2015-6580.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6580", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple unspecified vulnerabilities in Google V8 before 4.5.103.29, as used in Google Chrome before 45.0.2454.85, allow attackers to cause a denial of service or possibly have other impact via unknown vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2015-6580", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html" - }, - { - "name" : "1033472", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033472" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple unspecified vulnerabilities in Google V8 before 4.5.103.29, as used in Google Chrome before 45.0.2454.85, allow attackers to cause a denial of service or possibly have other impact via unknown vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html" + }, + { + "name": "1033472", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033472" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6819.json b/2015/6xxx/CVE-2015-6819.json index 1f2941acb48..4d580b10f76 100644 --- a/2015/6xxx/CVE-2015-6819.json +++ b/2015/6xxx/CVE-2015-6819.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6819", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer underflows in the ff_mjpeg_decode_frame function in libavcodec/mjpegdec.c in FFmpeg before 2.7.2 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-6819", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=84afc6b70d24fc0bf686e43138c96cf60a9445fe", - "refsource" : "CONFIRM", - "url" : "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=84afc6b70d24fc0bf686e43138c96cf60a9445fe" - }, - { - "name" : "http://ffmpeg.org/security.html", - "refsource" : "CONFIRM", - "url" : "http://ffmpeg.org/security.html" - }, - { - "name" : "1033483", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033483" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer underflows in the ff_mjpeg_decode_frame function in libavcodec/mjpegdec.c in FFmpeg before 2.7.2 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted MJPEG data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1033483", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033483" + }, + { + "name": "http://ffmpeg.org/security.html", + "refsource": "CONFIRM", + "url": "http://ffmpeg.org/security.html" + }, + { + "name": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=84afc6b70d24fc0bf686e43138c96cf60a9445fe", + "refsource": "CONFIRM", + "url": "http://git.videolan.org/?p=ffmpeg.git;a=commit;h=84afc6b70d24fc0bf686e43138c96cf60a9445fe" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7138.json b/2015/7xxx/CVE-2015-7138.json index 6d388baf4dd..b89680fb878 100644 --- a/2015/7xxx/CVE-2015-7138.json +++ b/2015/7xxx/CVE-2015-7138.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7138", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7138", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7308.json b/2015/7xxx/CVE-2015-7308.json index 114787120ac..0dbaedf16a0 100644 --- a/2015/7xxx/CVE-2015-7308.json +++ b/2015/7xxx/CVE-2015-7308.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7308", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7308", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7368.json b/2015/7xxx/CVE-2015-7368.json index bfae307b9ed..2ce300327f1 100644 --- a/2015/7xxx/CVE-2015-7368.json +++ b/2015/7xxx/CVE-2015-7368.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7368", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Revive Adserver before 3.2.2 does not send the appropriate Cache-Control HTTP headers in responses for admin UI pages, which allows local users to obtain sensitive information via the web browser cache." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7368", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20151007 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536633/100/0/threaded" - }, - { - "name" : "20151008 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Oct/32" - }, - { - "name" : "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html" - }, - { - "name" : "http://www.revive-adserver.com/security/revive-sa-2015-001", - "refsource" : "CONFIRM", - "url" : "http://www.revive-adserver.com/security/revive-sa-2015-001" - }, - { - "name" : "https://github.com/revive-adserver/revive-adserver/commit/15aac363", - "refsource" : "CONFIRM", - "url" : "https://github.com/revive-adserver/revive-adserver/commit/15aac363" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Revive Adserver before 3.2.2 does not send the appropriate Cache-Control HTTP headers in responses for admin UI pages, which allows local users to obtain sensitive information via the web browser cache." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.revive-adserver.com/security/revive-sa-2015-001", + "refsource": "CONFIRM", + "url": "http://www.revive-adserver.com/security/revive-sa-2015-001" + }, + { + "name": "20151007 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536633/100/0/threaded" + }, + { + "name": "20151008 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Oct/32" + }, + { + "name": "https://github.com/revive-adserver/revive-adserver/commit/15aac363", + "refsource": "CONFIRM", + "url": "https://github.com/revive-adserver/revive-adserver/commit/15aac363" + }, + { + "name": "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133893/Revive-Adserver-3.2.1-CSRF-XSS-Local-File-Inclusion.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0593.json b/2016/0xxx/CVE-2016-0593.json index 60bf4bc09db..bb46e43302e 100644 --- a/2016/0xxx/CVE-2016-0593.json +++ b/2016/0xxx/CVE-2016-0593.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0593", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0593", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0727.json b/2016/0xxx/CVE-2016-0727.json index 8522bf31bb3..adf1a7f808f 100644 --- a/2016/0xxx/CVE-2016-0727.json +++ b/2016/0xxx/CVE-2016-0727.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0727", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrary files and consequently gain privileges via vectors involving statistics directory cleanup." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0727", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/141913/NTP-Privilege-Escalation.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/141913/NTP-Privilege-Escalation.html" - }, - { - "name" : "https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1528050", - "refsource" : "CONFIRM", - "url" : "https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1528050" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1382369", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1382369" - }, - { - "name" : "USN-3096-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3096-1" - }, - { - "name" : "81552", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81552" - }, - { - "name" : "1034808", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034808" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrary files and consequently gain privileges via vectors involving statistics directory cleanup." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "USN-3096-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3096-1" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1382369", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1382369" + }, + { + "name": "1034808", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034808" + }, + { + "name": "http://packetstormsecurity.com/files/141913/NTP-Privilege-Escalation.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/141913/NTP-Privilege-Escalation.html" + }, + { + "name": "81552", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81552" + }, + { + "name": "https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1528050", + "refsource": "CONFIRM", + "url": "https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1528050" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0739.json b/2016/0xxx/CVE-2016-0739.json index c19c92b5cbc..6d4f617f142 100644 --- a/2016/0xxx/CVE-2016-0739.json +++ b/2016/0xxx/CVE-2016-0739.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert@redhat.com", - "ID" : "CVE-2016-0739", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a \"bits/bytes confusion bug.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-0739", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/", - "refsource" : "CONFIRM", - "url" : "https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/" - }, - { - "name" : "https://www.libssh.org/security/advisories/CVE-2016-0739.txt", - "refsource" : "CONFIRM", - "url" : "https://www.libssh.org/security/advisories/CVE-2016-0739.txt" - }, - { - "name" : "https://puppet.com/security/cve/CVE-2016-0739", - "refsource" : "CONFIRM", - "url" : "https://puppet.com/security/cve/CVE-2016-0739" - }, - { - "name" : "DSA-3488", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3488" - }, - { - "name" : "FEDORA-2016-d9f950c779", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178058.html" - }, - { - "name" : "FEDORA-2016-dc9e8da03c", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178822.html" - }, - { - "name" : "GLSA-201606-12", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201606-12" - }, - { - "name" : "RHSA-2016:0566", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0566.html" - }, - { - "name" : "openSUSE-SU-2016:0880", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-03/msg00111.html" - }, - { - "name" : "USN-2912-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2912-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a \"bits/bytes confusion bug.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2016-d9f950c779", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178058.html" + }, + { + "name": "USN-2912-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2912-1" + }, + { + "name": "https://www.libssh.org/security/advisories/CVE-2016-0739.txt", + "refsource": "CONFIRM", + "url": "https://www.libssh.org/security/advisories/CVE-2016-0739.txt" + }, + { + "name": "https://puppet.com/security/cve/CVE-2016-0739", + "refsource": "CONFIRM", + "url": "https://puppet.com/security/cve/CVE-2016-0739" + }, + { + "name": "FEDORA-2016-dc9e8da03c", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178822.html" + }, + { + "name": "GLSA-201606-12", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201606-12" + }, + { + "name": "DSA-3488", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3488" + }, + { + "name": "RHSA-2016:0566", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0566.html" + }, + { + "name": "https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/", + "refsource": "CONFIRM", + "url": "https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/" + }, + { + "name": "openSUSE-SU-2016:0880", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00111.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0870.json b/2016/0xxx/CVE-2016-0870.json index d7a4646bf59..88d735b6629 100644 --- a/2016/0xxx/CVE-2016-0870.json +++ b/2016/0xxx/CVE-2016-0870.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0870", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The web server in Trane Tracer SC 4.2.1134 and earlier allows remote attackers to read sensitive configuration files via a direct request." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "ID": "CVE-2016-0870", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-259-03", - "refsource" : "MISC", - "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-16-259-03" - }, - { - "name" : "92979", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92979" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The web server in Trane Tracer SC 4.2.1134 and earlier allows remote attackers to read sensitive configuration files via a direct request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-259-03", + "refsource": "MISC", + "url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-259-03" + }, + { + "name": "92979", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92979" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000001.json b/2016/1000xxx/CVE-2016-1000001.json index 2f661fc41d5..d5fa1db5c95 100644 --- a/2016/1000xxx/CVE-2016-1000001.json +++ b/2016/1000xxx/CVE-2016-1000001.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000001", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000001", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/puiterwijk/flask-oidc/blob/master/flask_oidc/__init__.py#L293", - "refsource" : "MISC", - "url" : "https://github.com/puiterwijk/flask-oidc/blob/master/flask_oidc/__init__.py#L293" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/puiterwijk/flask-oidc/blob/master/flask_oidc/__init__.py#L293", + "refsource": "MISC", + "url": "https://github.com/puiterwijk/flask-oidc/blob/master/flask_oidc/__init__.py#L293" + } + ] + } +} \ No newline at end of file diff --git a/2016/10xxx/CVE-2016-10386.json b/2016/10xxx/CVE-2016-10386.json index 182ffa91acf..3c041b0ce79 100644 --- a/2016/10xxx/CVE-2016-10386.json +++ b/2016/10xxx/CVE-2016-10386.json @@ -1,73 +1,73 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "product-security@qualcomm.com", - "DATE_PUBLIC" : "2018-04-02T00:00:00", - "ID" : "CVE-2016-10386", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Snapdragon Mobile, Snapdragon Wear", - "version" : { - "version_data" : [ - { - "version_value" : "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDX20" - } - ] - } - } - ] - }, - "vendor_name" : "Qualcomm, Inc." - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Improper Validation of Array Index in GNSS" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@qualcomm.com", + "DATE_PUBLIC": "2018-04-02T00:00:00", + "ID": "CVE-2016-10386", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Snapdragon Mobile, Snapdragon Wear", + "version": { + "version_data": [ + { + "version_value": "MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDX20" + } + ] + } + } + ] + }, + "vendor_name": "Qualcomm, Inc." + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://source.android.com/security/bulletin/2017-07-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2017-07-01" - }, - { - "name" : "https://source.android.com/security/bulletin/2018-04-01", - "refsource" : "CONFIRM", - "url" : "https://source.android.com/security/bulletin/2018-04-01" - }, - { - "name" : "103671", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103671" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Validation of Array Index in GNSS" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://source.android.com/security/bulletin/2017-07-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2017-07-01" + }, + { + "name": "https://source.android.com/security/bulletin/2018-04-01", + "refsource": "CONFIRM", + "url": "https://source.android.com/security/bulletin/2018-04-01" + }, + { + "name": "103671", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103671" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4416.json b/2016/4xxx/CVE-2016-4416.json index 0e96dcc6cb4..e98118bec1a 100644 --- a/2016/4xxx/CVE-2016-4416.json +++ b/2016/4xxx/CVE-2016-4416.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4416", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4416", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11818", - "refsource" : "CONFIRM", - "url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11818" - }, - { - "name" : "https://www.wireshark.org/security/wnpa-sec-2016-13.html", - "refsource" : "CONFIRM", - "url" : "https://www.wireshark.org/security/wnpa-sec-2016-13.html" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.2 mishandles the Grouping subfield, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11818", + "refsource": "CONFIRM", + "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11818" + }, + { + "name": "https://www.wireshark.org/security/wnpa-sec-2016-13.html", + "refsource": "CONFIRM", + "url": "https://www.wireshark.org/security/wnpa-sec-2016-13.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4456.json b/2016/4xxx/CVE-2016-4456.json index 90ee0e81c9b..febe2de2b85 100644 --- a/2016/4xxx/CVE-2016-4456.json +++ b/2016/4xxx/CVE-2016-4456.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4456", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The \"GNUTLS_KEYLOGFILE\" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-4456", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160607 Re: CVE Request: GnuTLS: GNUTLS-SA-2016-1: File overwrite by setuid programs", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/07/6" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343505", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1343505" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The \"GNUTLS_KEYLOGFILE\" environment variable in gnutls 3.4.12 allows remote attackers to overwrite and corrupt arbitrary files in the filesystem." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1343505", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1343505" + }, + { + "name": "[oss-security] 20160607 Re: CVE Request: GnuTLS: GNUTLS-SA-2016-1: File overwrite by setuid programs", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/07/6" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4918.json b/2016/4xxx/CVE-2016-4918.json index d49e68ff6cc..b7aed19f166 100644 --- a/2016/4xxx/CVE-2016-4918.json +++ b/2016/4xxx/CVE-2016-4918.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4918", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4918", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4981.json b/2016/4xxx/CVE-2016-4981.json index 1719e582a1e..e451910d76c 100644 --- a/2016/4xxx/CVE-2016-4981.json +++ b/2016/4xxx/CVE-2016-4981.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-4981", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-4981", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/9xxx/CVE-2016-9658.json b/2016/9xxx/CVE-2016-9658.json index 78be2013421..74afff09e26 100644 --- a/2016/9xxx/CVE-2016-9658.json +++ b/2016/9xxx/CVE-2016-9658.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-9658", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-9658", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2729.json b/2019/2xxx/CVE-2019-2729.json index c7df535c951..81b8940aaba 100644 --- a/2019/2xxx/CVE-2019-2729.json +++ b/2019/2xxx/CVE-2019-2729.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2729", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2729", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2759.json b/2019/2xxx/CVE-2019-2759.json index 28e8ba2afaf..8e4607fcdd8 100644 --- a/2019/2xxx/CVE-2019-2759.json +++ b/2019/2xxx/CVE-2019-2759.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2759", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2759", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/2xxx/CVE-2019-2856.json b/2019/2xxx/CVE-2019-2856.json index f89c4e2a2c4..d7c40cfbfb6 100644 --- a/2019/2xxx/CVE-2019-2856.json +++ b/2019/2xxx/CVE-2019-2856.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-2856", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-2856", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3683.json b/2019/3xxx/CVE-2019-3683.json index 2d338f32789..782bd245907 100644 --- a/2019/3xxx/CVE-2019-3683.json +++ b/2019/3xxx/CVE-2019-3683.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3683", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3683", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3691.json b/2019/3xxx/CVE-2019-3691.json index 95eb24ad7d1..9634c6c3f7b 100644 --- a/2019/3xxx/CVE-2019-3691.json +++ b/2019/3xxx/CVE-2019-3691.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3691", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3691", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3762.json b/2019/3xxx/CVE-2019-3762.json index 9fadc76644a..543198ac752 100644 --- a/2019/3xxx/CVE-2019-3762.json +++ b/2019/3xxx/CVE-2019-3762.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3762", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3762", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3789.json b/2019/3xxx/CVE-2019-3789.json index 2e867c4bbfc..7279cd39193 100644 --- a/2019/3xxx/CVE-2019-3789.json +++ b/2019/3xxx/CVE-2019-3789.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3789", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3789", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6369.json b/2019/6xxx/CVE-2019-6369.json index 31e381edfe9..b77f53e7734 100644 --- a/2019/6xxx/CVE-2019-6369.json +++ b/2019/6xxx/CVE-2019-6369.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6369", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6369", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6612.json b/2019/6xxx/CVE-2019-6612.json index ab6d94d23e0..893e05591d0 100644 --- a/2019/6xxx/CVE-2019-6612.json +++ b/2019/6xxx/CVE-2019-6612.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6612", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6612", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6622.json b/2019/6xxx/CVE-2019-6622.json index a09187134cf..117c1805513 100644 --- a/2019/6xxx/CVE-2019-6622.json +++ b/2019/6xxx/CVE-2019-6622.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6622", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6622", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/6xxx/CVE-2019-6904.json b/2019/6xxx/CVE-2019-6904.json index d46d9dcfccd..ad442b44348 100644 --- a/2019/6xxx/CVE-2019-6904.json +++ b/2019/6xxx/CVE-2019-6904.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-6904", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-6904", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7314.json b/2019/7xxx/CVE-2019-7314.json index e03c1b40ef2..bd95a27024f 100644 --- a/2019/7xxx/CVE-2019-7314.json +++ b/2019/7xxx/CVE-2019-7314.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7314", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7314", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[debian-lts-announce] 20190226 [SECURITY] [DLA 1690-1] liblivemedia security update", - "refsource" : "MLIST", - "url" : "https://lists.debian.org/debian-lts-announce/2019/02/msg00037.html" - }, - { - "name" : "http://lists.live555.com/pipermail/live-devel/2019-February/021143.html", - "refsource" : "MISC", - "url" : "http://lists.live555.com/pipermail/live-devel/2019-February/021143.html" - }, - { - "name" : "http://www.live555.com/liveMedia/public/changelog.txt", - "refsource" : "MISC", - "url" : "http://www.live555.com/liveMedia/public/changelog.txt" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[debian-lts-announce] 20190226 [SECURITY] [DLA 1690-1] liblivemedia security update", + "refsource": "MLIST", + "url": "https://lists.debian.org/debian-lts-announce/2019/02/msg00037.html" + }, + { + "name": "http://www.live555.com/liveMedia/public/changelog.txt", + "refsource": "MISC", + "url": "http://www.live555.com/liveMedia/public/changelog.txt" + }, + { + "name": "http://lists.live555.com/pipermail/live-devel/2019-February/021143.html", + "refsource": "MISC", + "url": "http://lists.live555.com/pipermail/live-devel/2019-February/021143.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7333.json b/2019/7xxx/CVE-2019-7333.json index 31018ff5ac5..f76c856e733 100644 --- a/2019/7xxx/CVE-2019-7333.json +++ b/2019/7xxx/CVE-2019-7333.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7333", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view download (download.php) because proper filtration is omitted." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7333", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/ZoneMinder/zoneminder/issues/2441", - "refsource" : "MISC", - "url" : "https://github.com/ZoneMinder/zoneminder/issues/2441" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view download (download.php) because proper filtration is omitted." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/ZoneMinder/zoneminder/issues/2441", + "refsource": "MISC", + "url": "https://github.com/ZoneMinder/zoneminder/issues/2441" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7632.json b/2019/7xxx/CVE-2019-7632.json index 3b7c2c00922..0b4926fabc5 100644 --- a/2019/7xxx/CVE-2019-7632.json +++ b/2019/7xxx/CVE-2019-7632.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7632", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtu_size parameter. The lifesize default password for the cli account may sometimes be used for authentication." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7632", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=22113", - "refsource" : "MISC", - "url" : "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=22113" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtu_size parameter. The lifesize default password for the cli account may sometimes be used for authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=22113", + "refsource": "MISC", + "url": "https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=22113" + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7762.json b/2019/7xxx/CVE-2019-7762.json index 002e9c4e79b..8bf910adfa3 100644 --- a/2019/7xxx/CVE-2019-7762.json +++ b/2019/7xxx/CVE-2019-7762.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7762", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7762", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/7xxx/CVE-2019-7927.json b/2019/7xxx/CVE-2019-7927.json index 1e844687dfe..5059388f5aa 100644 --- a/2019/7xxx/CVE-2019-7927.json +++ b/2019/7xxx/CVE-2019-7927.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-7927", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-7927", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8017.json b/2019/8xxx/CVE-2019-8017.json index 2db74c9e82c..b3fb4bf7598 100644 --- a/2019/8xxx/CVE-2019-8017.json +++ b/2019/8xxx/CVE-2019-8017.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8017", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8017", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8093.json b/2019/8xxx/CVE-2019-8093.json index 4ee332d5a8f..72fcf06af2a 100644 --- a/2019/8xxx/CVE-2019-8093.json +++ b/2019/8xxx/CVE-2019-8093.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8093", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8093", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8252.json b/2019/8xxx/CVE-2019-8252.json index 1f7c673e6cc..93ef4332ba4 100644 --- a/2019/8xxx/CVE-2019-8252.json +++ b/2019/8xxx/CVE-2019-8252.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8252", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8252", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8560.json b/2019/8xxx/CVE-2019-8560.json index ea242c5868c..124e04fc32a 100644 --- a/2019/8xxx/CVE-2019-8560.json +++ b/2019/8xxx/CVE-2019-8560.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8560", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8560", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9147.json b/2019/9xxx/CVE-2019-9147.json index 456f444bc98..6cc82768a48 100644 --- a/2019/9xxx/CVE-2019-9147.json +++ b/2019/9xxx/CVE-2019-9147.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9147", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9147", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9386.json b/2019/9xxx/CVE-2019-9386.json index 0fb91fb5089..785136ae814 100644 --- a/2019/9xxx/CVE-2019-9386.json +++ b/2019/9xxx/CVE-2019-9386.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9386", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9386", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9620.json b/2019/9xxx/CVE-2019-9620.json index cc1f4beed0c..e7bd058f1be 100644 --- a/2019/9xxx/CVE-2019-9620.json +++ b/2019/9xxx/CVE-2019-9620.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9620", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9620", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file