From fe5ee90b85dd93217cd1a66df5c5f36577fbbe21 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 01:47:29 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2007/0xxx/CVE-2007-0128.json | 150 ++++++------ 2007/0xxx/CVE-2007-0577.json | 160 ++++++------ 2007/1xxx/CVE-2007-1312.json | 34 +-- 2007/1xxx/CVE-2007-1525.json | 170 ++++++------- 2007/1xxx/CVE-2007-1541.json | 160 ++++++------ 2007/1xxx/CVE-2007-1635.json | 150 ++++++------ 2007/4xxx/CVE-2007-4422.json | 180 +++++++------- 2007/4xxx/CVE-2007-4671.json | 240 +++++++++--------- 2007/4xxx/CVE-2007-4740.json | 180 +++++++------- 2007/5xxx/CVE-2007-5365.json | 380 ++++++++++++++--------------- 2007/5xxx/CVE-2007-5482.json | 190 +++++++-------- 2007/5xxx/CVE-2007-5749.json | 34 +-- 2015/2xxx/CVE-2015-2470.json | 140 +++++------ 2015/2xxx/CVE-2015-2699.json | 34 +-- 2015/3xxx/CVE-2015-3369.json | 160 ++++++------ 2015/3xxx/CVE-2015-3552.json | 34 +-- 2015/3xxx/CVE-2015-3612.json | 34 +-- 2015/6xxx/CVE-2015-6023.json | 180 +++++++------- 2015/6xxx/CVE-2015-6313.json | 130 +++++----- 2015/6xxx/CVE-2015-6993.json | 170 ++++++------- 2015/7xxx/CVE-2015-7472.json | 140 +++++------ 2015/7xxx/CVE-2015-7606.json | 34 +-- 2015/7xxx/CVE-2015-7611.json | 160 ++++++------ 2015/7xxx/CVE-2015-7729.json | 150 ++++++------ 2016/0xxx/CVE-2016-0109.json | 170 ++++++------- 2016/0xxx/CVE-2016-0177.json | 34 +-- 2016/0xxx/CVE-2016-0189.json | 170 ++++++------- 2016/0xxx/CVE-2016-0597.json | 330 ++++++++++++------------- 2016/1000xxx/CVE-2016-1000033.json | 120 ++++----- 2016/1000xxx/CVE-2016-1000159.json | 34 +-- 2016/1xxx/CVE-2016-1115.json | 140 +++++------ 2016/1xxx/CVE-2016-1215.json | 150 ++++++------ 2016/1xxx/CVE-2016-1234.json | 190 +++++++-------- 2016/1xxx/CVE-2016-1506.json | 34 +-- 2016/1xxx/CVE-2016-1631.json | 230 ++++++++--------- 2016/4xxx/CVE-2016-4323.json | 170 ++++++------- 2016/5xxx/CVE-2016-5464.json | 150 ++++++------ 2016/5xxx/CVE-2016-5766.json | 260 ++++++++++---------- 2019/0xxx/CVE-2019-0409.json | 34 +-- 2019/0xxx/CVE-2019-0787.json | 34 +-- 2019/0xxx/CVE-2019-0955.json | 34 +-- 2019/1003xxx/CVE-2019-1003000.json | 144 +++++------ 2019/1xxx/CVE-2019-1716.json | 34 +-- 2019/1xxx/CVE-2019-1931.json | 34 +-- 2019/3xxx/CVE-2019-3034.json | 34 +-- 2019/3xxx/CVE-2019-3578.json | 34 +-- 2019/3xxx/CVE-2019-3680.json | 34 +-- 2019/3xxx/CVE-2019-3749.json | 34 +-- 2019/4xxx/CVE-2019-4363.json | 34 +-- 2019/4xxx/CVE-2019-4386.json | 34 +-- 2019/4xxx/CVE-2019-4526.json | 34 +-- 2019/4xxx/CVE-2019-4886.json | 34 +-- 2019/8xxx/CVE-2019-8111.json | 34 +-- 2019/8xxx/CVE-2019-8336.json | 120 ++++----- 2019/8xxx/CVE-2019-8515.json | 34 +-- 2019/9xxx/CVE-2019-9150.json | 34 +-- 2019/9xxx/CVE-2019-9471.json | 34 +-- 2019/9xxx/CVE-2019-9705.json | 130 +++++----- 2019/9xxx/CVE-2019-9746.json | 130 +++++----- 59 files changed, 3339 insertions(+), 3339 deletions(-) diff --git a/2007/0xxx/CVE-2007-0128.json b/2007/0xxx/CVE-2007-0128.json index e4aa576dd64..b7cb80e6e01 100644 --- a/2007/0xxx/CVE-2007-0128.json +++ b/2007/0xxx/CVE-2007-0128.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0128", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in info_book.asp in Digirez 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0128", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3081", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3081" - }, - { - "name" : "ADV-2007-0053", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0053" - }, - { - "name" : "31677", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31677" - }, - { - "name" : "23606", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23606" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in info_book.asp in Digirez 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the book_id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0053", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0053" + }, + { + "name": "23606", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23606" + }, + { + "name": "31677", + "refsource": "OSVDB", + "url": "http://osvdb.org/31677" + }, + { + "name": "3081", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3081" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0577.json b/2007/0xxx/CVE-2007-0577.json index 0e92ab8fd63..863ae103e07 100644 --- a/2007/0xxx/CVE-2007-0577.json +++ b/2007/0xxx/CVE-2007-0577.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0577", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in function.inc.php in ACGVclick 0.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0577", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3206", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3206" - }, - { - "name" : "22278", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22278" - }, - { - "name" : "ADV-2007-0391", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0391" - }, - { - "name" : "23970", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23970" - }, - { - "name" : "acgvclick-function-file-include(31859)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31859" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in function.inc.php in ACGVclick 0.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0391", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0391" + }, + { + "name": "23970", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23970" + }, + { + "name": "acgvclick-function-file-include(31859)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31859" + }, + { + "name": "22278", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22278" + }, + { + "name": "3206", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3206" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1312.json b/2007/1xxx/CVE-2007-1312.json index c936cb7097e..930e3ea6e11 100644 --- a/2007/1xxx/CVE-2007-1312.json +++ b/2007/1xxx/CVE-2007-1312.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1312", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1312", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1525.json b/2007/1xxx/CVE-2007-1525.json index 6815020d657..f4505fef287 100644 --- a/2007/1xxx/CVE-2007-1525.json +++ b/2007/1xxx/CVE-2007-1525.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1525", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Direct static code injection vulnerability in postpost.php in Dayfox Blog (dfblog) 4 allows remote attackers to execute arbitrary PHP code via the cat parameter, which can be executed via a request to posts.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1525", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3478", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3478" - }, - { - "name" : "http://infusion.110mb.com/enter/dfblog4.zip", - "refsource" : "MISC", - "url" : "http://infusion.110mb.com/enter/dfblog4.zip" - }, - { - "name" : "22972", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22972" - }, - { - "name" : "ADV-2007-0969", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0969" - }, - { - "name" : "34073", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34073" - }, - { - "name" : "24534", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24534" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Direct static code injection vulnerability in postpost.php in Dayfox Blog (dfblog) 4 allows remote attackers to execute arbitrary PHP code via the cat parameter, which can be executed via a request to posts.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://infusion.110mb.com/enter/dfblog4.zip", + "refsource": "MISC", + "url": "http://infusion.110mb.com/enter/dfblog4.zip" + }, + { + "name": "ADV-2007-0969", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0969" + }, + { + "name": "24534", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24534" + }, + { + "name": "3478", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3478" + }, + { + "name": "22972", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22972" + }, + { + "name": "34073", + "refsource": "OSVDB", + "url": "http://osvdb.org/34073" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1541.json b/2007/1xxx/CVE-2007-1541.json index 8f1e8b80e6c..aa756bc39a8 100644 --- a/2007/1xxx/CVE-2007-1541.json +++ b/2007/1xxx/CVE-2007-1541.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1541", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only checks for the presence of a NULL (%00) character to protect against directory traversal attacks, which allows remote attackers to run arbitrary executables and bypass authentication via a .. (dot dot) sequence in the login parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1541", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070318 Full Disclosure: Arbitrary execution vulnerability in SQL-Ledger and LedgerSMB", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463175/100/0/threaded" - }, - { - "name" : "http://sql-ledger.com/cgi-bin/nav.pl?page=news.html&title=What's%20New", - "refsource" : "MISC", - "url" : "http://sql-ledger.com/cgi-bin/nav.pl?page=news.html&title=What's%20New" - }, - { - "name" : "23034", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23034" - }, - { - "name" : "ADV-2007-1025", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1025" - }, - { - "name" : "24560", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24560" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Directory traversal vulnerability in am.pl in SQL-Ledger 2.6.27 only checks for the presence of a NULL (%00) character to protect against directory traversal attacks, which allows remote attackers to run arbitrary executables and bypass authentication via a .. (dot dot) sequence in the login parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24560", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24560" + }, + { + "name": "http://sql-ledger.com/cgi-bin/nav.pl?page=news.html&title=What's%20New", + "refsource": "MISC", + "url": "http://sql-ledger.com/cgi-bin/nav.pl?page=news.html&title=What's%20New" + }, + { + "name": "ADV-2007-1025", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1025" + }, + { + "name": "20070318 Full Disclosure: Arbitrary execution vulnerability in SQL-Ledger and LedgerSMB", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463175/100/0/threaded" + }, + { + "name": "23034", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23034" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1635.json b/2007/1xxx/CVE-2007-1635.json index 3ea6415fb8b..c422c590dcb 100644 --- a/2007/1xxx/CVE-2007-1635.json +++ b/2007/1xxx/CVE-2007-1635.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1635", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a \"ConfigSave\" op to admin.php, which can later be accessed via a \"Configure\" op to admin.php." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1635", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070318 Net Portal Dynamic System (NPDS) <= 5.10 Remote Code Execution 0day", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/463176/100/0/threaded" - }, - { - "name" : "34303", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34303" - }, - { - "name" : "24571", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/24571" - }, - { - "name" : "2473", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2473" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Static code injection vulnerability in admin/settings.php in Net Portal Dynamic System (NPDS) 5.10 and earlier allows remote authenticated users to inject arbitrary PHP code via the xtop parameter in a \"ConfigSave\" op to admin.php, which can later be accessed via a \"Configure\" op to admin.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "24571", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/24571" + }, + { + "name": "20070318 Net Portal Dynamic System (NPDS) <= 5.10 Remote Code Execution 0day", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/463176/100/0/threaded" + }, + { + "name": "2473", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2473" + }, + { + "name": "34303", + "refsource": "OSVDB", + "url": "http://osvdb.org/34303" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4422.json b/2007/4xxx/CVE-2007-4422.json index d0adb9d7b46..8efe4754647 100644 --- a/2007/4xxx/CVE-2007-4422.json +++ b/2007/4xxx/CVE-2007-4422.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4422", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4422", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.symantec.com/avcenter/security/Content/2007.08.16.html", - "refsource" : "CONFIRM", - "url" : "http://www.symantec.com/avcenter/security/Content/2007.08.16.html" - }, - { - "name" : "25338", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25338" - }, - { - "name" : "ADV-2007-2909", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/2909" - }, - { - "name" : "36489", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/36489" - }, - { - "name" : "1018578", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018578" - }, - { - "name" : "26511", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26511" - }, - { - "name" : "sef-username-enumeration(36081)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key (PSK) authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "26511", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26511" + }, + { + "name": "1018578", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018578" + }, + { + "name": "25338", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25338" + }, + { + "name": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html", + "refsource": "CONFIRM", + "url": "http://www.symantec.com/avcenter/security/Content/2007.08.16.html" + }, + { + "name": "36489", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/36489" + }, + { + "name": "sef-username-enumeration(36081)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36081" + }, + { + "name": "ADV-2007-2909", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/2909" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4671.json b/2007/4xxx/CVE-2007-4671.json index 80aabe0ff50..de26bb8bbd1 100644 --- a/2007/4xxx/CVE-2007-4671.json +++ b/2007/4xxx/CVE-2007-4671.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4671", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to \"alter or access\" HTTPS content via an HTTP session with a crafted web page that causes Javascript to be applied to HTTPS pages from the same domain." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4671", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://docs.info.apple.com/article.html?artnum=306586", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=306586" - }, - { - "name" : "http://docs.info.apple.com/article.html?artnum=307041", - "refsource" : "CONFIRM", - "url" : "http://docs.info.apple.com/article.html?artnum=307041" - }, - { - "name" : "APPLE-SA-2007-09-27", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html" - }, - { - "name" : "APPLE-SA-2007-11-14", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" - }, - { - "name" : "TA07-319A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" - }, - { - "name" : "25852", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25852" - }, - { - "name" : "26444", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26444" - }, - { - "name" : "ADV-2007-3287", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3287" - }, - { - "name" : "ADV-2007-3868", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3868" - }, - { - "name" : "1018752", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018752" - }, - { - "name" : "26983", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/26983" - }, - { - "name" : "27643", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27643" - }, - { - "name" : "iphone-https-security-bypass(36862)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36862" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Safari in Apple iPhone 1.1.1, and Safari 3 before Beta Update 3.0.4 on Windows and Mac OS X 10.4 through 10.4.10, allows remote attackers to \"alter or access\" HTTPS content via an HTTP session with a crafted web page that causes Javascript to be applied to HTTPS pages from the same domain." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2007-09-27", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2007/Sep/msg00001.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=306586", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=306586" + }, + { + "name": "26444", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26444" + }, + { + "name": "APPLE-SA-2007-11-14", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html" + }, + { + "name": "http://docs.info.apple.com/article.html?artnum=307041", + "refsource": "CONFIRM", + "url": "http://docs.info.apple.com/article.html?artnum=307041" + }, + { + "name": "iphone-https-security-bypass(36862)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36862" + }, + { + "name": "26983", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/26983" + }, + { + "name": "ADV-2007-3868", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3868" + }, + { + "name": "25852", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25852" + }, + { + "name": "ADV-2007-3287", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3287" + }, + { + "name": "27643", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27643" + }, + { + "name": "TA07-319A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-319A.html" + }, + { + "name": "1018752", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018752" + } + ] + } +} \ No newline at end of file diff --git a/2007/4xxx/CVE-2007-4740.json b/2007/4xxx/CVE-2007-4740.json index 5b51f4c044b..bb3a1555d2e 100644 --- a/2007/4xxx/CVE-2007-4740.json +++ b/2007/4xxx/CVE-2007-4740.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-4740", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The HPRevolutionRegistryManager ActiveX control in Hp.Revolution.RegistryManager.dll 1 in Telecom Italy Alice Messenger allows remote attackers to create registry keys and values via the arguments to the WriteRegistry method." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-4740", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070903 Telecom Italy Alice Messenger Hp.Revolution.RegistryManager.dll (v.1) remote arbitrary registry key manipulation", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/478449/100/0/threaded" - }, - { - "name" : "http://retrogod.altervista.org/telecom_regkey.html", - "refsource" : "MISC", - "url" : "http://retrogod.altervista.org/telecom_regkey.html" - }, - { - "name" : "25516", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25516" - }, - { - "name" : "38923", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/38923" - }, - { - "name" : "1018644", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1018644" - }, - { - "name" : "3098", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/3098" - }, - { - "name" : "alice-messenger-hp-unauth-access(36408)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/36408" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The HPRevolutionRegistryManager ActiveX control in Hp.Revolution.RegistryManager.dll 1 in Telecom Italy Alice Messenger allows remote attackers to create registry keys and values via the arguments to the WriteRegistry method." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "38923", + "refsource": "OSVDB", + "url": "http://osvdb.org/38923" + }, + { + "name": "20070903 Telecom Italy Alice Messenger Hp.Revolution.RegistryManager.dll (v.1) remote arbitrary registry key manipulation", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/478449/100/0/threaded" + }, + { + "name": "25516", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25516" + }, + { + "name": "http://retrogod.altervista.org/telecom_regkey.html", + "refsource": "MISC", + "url": "http://retrogod.altervista.org/telecom_regkey.html" + }, + { + "name": "alice-messenger-hp-unauth-access(36408)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36408" + }, + { + "name": "1018644", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1018644" + }, + { + "name": "3098", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/3098" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5365.json b/2007/5xxx/CVE-2007-5365.json index 5da65654669..988d676f028 100644 --- a/2007/5xxx/CVE-2007-5365.json +++ b/2007/5xxx/CVE-2007-5365.json @@ -1,192 +1,192 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5365", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5365", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20071011 CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSDâ??s DHCP server", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/482085/100/100/threaded" - }, - { - "name" : "20071102 DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365)", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/483230/100/100/threaded" - }, - { - "name" : "4601", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4601" - }, - { - "name" : "http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1962", - "refsource" : "MISC", - "url" : "http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1962" - }, - { - "name" : "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c", - "refsource" : "CONFIRM", - "url" : "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c" - }, - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354" - }, - { - "name" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1", - "refsource" : "CONFIRM", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1" - }, - { - "name" : "DSA-1388", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2007/dsa-1388" - }, - { - "name" : "[4.0] 20071008 016: SECURITY FIX: October 8, 2007", - "refsource" : "OPENBSD", - "url" : "http://www.openbsd.org/errata40.html#016_dhcpd" - }, - { - "name" : "[4.1] 20071008 010: SECURITY FIX: October 8, 2007", - "refsource" : "OPENBSD", - "url" : "http://www.openbsd.org/errata41.html#010_dhcpd" - }, - { - "name" : "[4.2] 20071008 001: SECURITY FIX: October 8, 2007", - "refsource" : "OPENBSD", - "url" : "http://www.openbsd.org/errata42.html#001_dhcpd" - }, - { - "name" : "RHSA-2007:0970", - "refsource" : "REDHAT", - "url" : "http://www.redhat.com/support/errata/RHSA-2007-0970.html" - }, - { - "name" : "243806", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1" - }, - { - "name" : "USN-531-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-531-1" - }, - { - "name" : "USN-531-2", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/usn-531-2" - }, - { - "name" : "25984", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25984" - }, - { - "name" : "32213", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/32213" - }, - { - "name" : "oval:org.mitre.oval:def:5817", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817" - }, - { - "name" : "ADV-2008-3088", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/3088" - }, - { - "name" : "1018794", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018794" - }, - { - "name" : "1021157", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1021157" - }, - { - "name" : "27160", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27160" - }, - { - "name" : "27273", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27273" - }, - { - "name" : "27350", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27350" - }, - { - "name" : "27338", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27338" - }, - { - "name" : "32668", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/32668" - }, - { - "name" : "openbsd-dhcp-bo(37045)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37045" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27338", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27338" + }, + { + "name": "27350", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27350" + }, + { + "name": "ADV-2008-3088", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/3088" + }, + { + "name": "4601", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4601" + }, + { + "name": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c", + "refsource": "CONFIRM", + "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/dhcpd/options.c" + }, + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446354" + }, + { + "name": "[4.2] 20071008 001: SECURITY FIX: October 8, 2007", + "refsource": "OPENBSD", + "url": "http://www.openbsd.org/errata42.html#001_dhcpd" + }, + { + "name": "25984", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25984" + }, + { + "name": "20071102 DoS Exploit for DHCPd bug (Bugtraq ID 25984 ; CVE-2007-5365)", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/483230/100/100/threaded" + }, + { + "name": "openbsd-dhcp-bo(37045)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37045" + }, + { + "name": "RHSA-2007:0970", + "refsource": "REDHAT", + "url": "http://www.redhat.com/support/errata/RHSA-2007-0970.html" + }, + { + "name": "DSA-1388", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2007/dsa-1388" + }, + { + "name": "http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1962", + "refsource": "MISC", + "url": "http://www.coresecurity.com/index.php5?module=ContentMod&action=item&id=1962" + }, + { + "name": "USN-531-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-531-1" + }, + { + "name": "oval:org.mitre.oval:def:5817", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5817" + }, + { + "name": "USN-531-2", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/usn-531-2" + }, + { + "name": "27160", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27160" + }, + { + "name": "20071011 CORE-2007-0928: Stack-based buffer overflow vulnerability in OpenBSDâ??s DHCP server", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/482085/100/100/threaded" + }, + { + "name": "27273", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27273" + }, + { + "name": "[4.0] 20071008 016: SECURITY FIX: October 8, 2007", + "refsource": "OPENBSD", + "url": "http://www.openbsd.org/errata40.html#016_dhcpd" + }, + { + "name": "243806", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-243806-1" + }, + { + "name": "32668", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/32668" + }, + { + "name": "[4.1] 20071008 010: SECURITY FIX: October 8, 2007", + "refsource": "OPENBSD", + "url": "http://www.openbsd.org/errata41.html#010_dhcpd" + }, + { + "name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1", + "refsource": "CONFIRM", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-109077-21-1" + }, + { + "name": "1018794", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018794" + }, + { + "name": "1021157", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1021157" + }, + { + "name": "32213", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/32213" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5482.json b/2007/5xxx/CVE-2007-5482.json index 13f1d4cab90..d7b7e9eee67 100644 --- a/2007/5xxx/CVE-2007-5482.json +++ b/2007/5xxx/CVE-2007-5482.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5482", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the FTP service in Sun StorEdge/StorageTek 3510 FC Array with firmware before 4.21 allows remote attackers, with access to the Ethernet management interface, to cause a denial of service (I/O request timeout and device hang) via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5482", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "103106", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103106-1" - }, - { - "name" : "201253", - "refsource" : "SUNALERT", - "url" : "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201253-1" - }, - { - "name" : "26086", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26086" - }, - { - "name" : "ADV-2007-3507", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3507" - }, - { - "name" : "40168", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/40168" - }, - { - "name" : "1018819", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018819" - }, - { - "name" : "27201", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27201" - }, - { - "name" : "storedge-ftp-dos(37221)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37221" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the FTP service in Sun StorEdge/StorageTek 3510 FC Array with firmware before 4.21 allows remote attackers, with access to the Ethernet management interface, to cause a denial of service (I/O request timeout and device hang) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "27201", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27201" + }, + { + "name": "storedge-ftp-dos(37221)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37221" + }, + { + "name": "1018819", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018819" + }, + { + "name": "ADV-2007-3507", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3507" + }, + { + "name": "40168", + "refsource": "OSVDB", + "url": "http://osvdb.org/40168" + }, + { + "name": "103106", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103106-1" + }, + { + "name": "26086", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26086" + }, + { + "name": "201253", + "refsource": "SUNALERT", + "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201253-1" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5749.json b/2007/5xxx/CVE-2007-5749.json index 17376c7fcc6..679e582b7e6 100644 --- a/2007/5xxx/CVE-2007-5749.json +++ b/2007/5xxx/CVE-2007-5749.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5749", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5749", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2470.json b/2015/2xxx/CVE-2015-2470.json index c1861799624..0a1336994e6 100644 --- a/2015/2xxx/CVE-2015-2470.json +++ b/2015/2xxx/CVE-2015-2470.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2470", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office for Mac 2011, and Word Viewer allows remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Integer Underflow Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2015-2470", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "37924", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/37924/" - }, - { - "name" : "MS15-081", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081" - }, - { - "name" : "1033239", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033239" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office for Mac 2011, and Word Viewer allows remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office Integer Underflow Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "37924", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/37924/" + }, + { + "name": "MS15-081", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081" + }, + { + "name": "1033239", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033239" + } + ] + } +} \ No newline at end of file diff --git a/2015/2xxx/CVE-2015-2699.json b/2015/2xxx/CVE-2015-2699.json index bd5e924567e..f855c30e65d 100644 --- a/2015/2xxx/CVE-2015-2699.json +++ b/2015/2xxx/CVE-2015-2699.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-2699", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-2699", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3369.json b/2015/3xxx/CVE-2015-3369.json index e4c77a1e821..e0031f1c387 100644 --- a/2015/3xxx/CVE-2015-3369.json +++ b/2015/3xxx/CVE-2015-3369.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3369", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the Taxonews module before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the \"administer taxonomy\" permission to inject arbitrary web script or HTML via a term name in a block." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3369", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/01/29/6" - }, - { - "name" : "https://www.drupal.org/node/2411573", - "refsource" : "MISC", - "url" : "https://www.drupal.org/node/2411573" - }, - { - "name" : "https://www.drupal.org/node/2409767", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2409767" - }, - { - "name" : "https://www.drupal.org/node/2409769", - "refsource" : "CONFIRM", - "url" : "https://www.drupal.org/node/2409769" - }, - { - "name" : "74274", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74274" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the Taxonews module before 6.x-1.2 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the \"administer taxonomy\" permission to inject arbitrary web script or HTML via a term name in a block." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74274", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74274" + }, + { + "name": "https://www.drupal.org/node/2411573", + "refsource": "MISC", + "url": "https://www.drupal.org/node/2411573" + }, + { + "name": "https://www.drupal.org/node/2409767", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2409767" + }, + { + "name": "https://www.drupal.org/node/2409769", + "refsource": "CONFIRM", + "url": "https://www.drupal.org/node/2409769" + }, + { + "name": "[oss-security] 20150129 Re: CVEs for Drupal contributed modules - January 2015", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/01/29/6" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3552.json b/2015/3xxx/CVE-2015-3552.json index dbcc16e3e37..3e92411a221 100644 --- a/2015/3xxx/CVE-2015-3552.json +++ b/2015/3xxx/CVE-2015-3552.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3552", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3552", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3612.json b/2015/3xxx/CVE-2015-3612.json index 6b1195df78c..75f288f8b19 100644 --- a/2015/3xxx/CVE-2015-3612.json +++ b/2015/3xxx/CVE-2015-3612.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3612", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3612", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6023.json b/2015/6xxx/CVE-2015-6023.json index 53fd98491a3..06b07786a07 100644 --- a/2015/6xxx/CVE-2015-6023.json +++ b/2015/6xxx/CVE-2015-6023.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6023", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request. NOTE: this issue can be combined with CVE-2015-6024 to execute arbitrary commands." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2015-6023", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160503 NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538263/100/0/threaded" - }, - { - "name" : "20160505 Re: NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/538297/100/0/threaded" - }, - { - "name" : "39762", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/39762/" - }, - { - "name" : "20160506 NetCommWireless HSPA 3G10WVE Wireless Router - Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/May/13" - }, - { - "name" : "20160506 Re: NetCommWireless HSPA 3G10WVE Wireless Router - Multiple vulnerabilities", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2016/May/18" - }, - { - "name" : "http://packetstormsecurity.com/files/136901/NetCommWireless-HSPA-3G10WVE-Authentication-Bypass-Code-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/136901/NetCommWireless-HSPA-3G10WVE-Authentication-Bypass-Code-Execution.html" - }, - { - "name" : "96383", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96383" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 allows remote attackers to bypass intended access restrictions via a direct request. NOTE: this issue can be combined with CVE-2015-6024 to execute arbitrary commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "39762", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/39762/" + }, + { + "name": "20160506 Re: NetCommWireless HSPA 3G10WVE Wireless Router - Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/May/18" + }, + { + "name": "http://packetstormsecurity.com/files/136901/NetCommWireless-HSPA-3G10WVE-Authentication-Bypass-Code-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/136901/NetCommWireless-HSPA-3G10WVE-Authentication-Bypass-Code-Execution.html" + }, + { + "name": "20160505 Re: NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538297/100/0/threaded" + }, + { + "name": "20160506 NetCommWireless HSPA 3G10WVE Wireless Router - Multiple vulnerabilities", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2016/May/13" + }, + { + "name": "20160503 NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/538263/100/0/threaded" + }, + { + "name": "96383", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96383" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6313.json b/2015/6xxx/CVE-2015-6313.json index f1129908630..c2e8e3cb707 100644 --- a/2015/6xxx/CVE-2015-6313.json +++ b/2015/6xxx/CVE-2015-6313.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6313", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted HTTP requests that are not followed by an unspecified negotiation, aka Bug ID CSCuv47565." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2015-6313", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160406 Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts1" - }, - { - "name" : "1035501", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035501" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; Multiparty Media 310, 320, and 820; and Virtual Machine (VM) devices allows remote attackers to cause a denial of service (memory consumption or device reload) via crafted HTTP requests that are not followed by an unspecified negotiation, aka Bug ID CSCuv47565." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035501", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035501" + }, + { + "name": "20160406 Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts1" + } + ] + } +} \ No newline at end of file diff --git a/2015/6xxx/CVE-2015-6993.json b/2015/6xxx/CVE-2015-6993.json index e4e75a100b4..301b658f46d 100644 --- a/2015/6xxx/CVE-2015-6993.json +++ b/2015/6xxx/CVE-2015-6993.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-6993", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2015-6993", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.apple.com/HT205370", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205370" - }, - { - "name" : "https://support.apple.com/HT205375", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205375" - }, - { - "name" : "APPLE-SA-2015-10-21-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" - }, - { - "name" : "APPLE-SA-2015-10-21-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" - }, - { - "name" : "77263", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/77263" - }, - { - "name" : "1033929", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1033929" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font file, a different vulnerability than CVE-2015-6976, CVE-2015-6977, CVE-2015-6978, CVE-2015-6990, CVE-2015-6991, CVE-2015-7008, CVE-2015-7009, CVE-2015-7010, and CVE-2015-7018." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "APPLE-SA-2015-10-21-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html" + }, + { + "name": "APPLE-SA-2015-10-21-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2015/Oct/msg00002.html" + }, + { + "name": "https://support.apple.com/HT205375", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205375" + }, + { + "name": "https://support.apple.com/HT205370", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205370" + }, + { + "name": "77263", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/77263" + }, + { + "name": "1033929", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1033929" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7472.json b/2015/7xxx/CVE-2015-7472.json index ad508f146a0..9f63225c76c 100644 --- a/2015/7xxx/CVE-2015-7472.json +++ b/2015/7xxx/CVE-2015-7472.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7472", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF10 allows remote attackers to conduct LDAP injection attacks, and consequently read or write to repository data, via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2015-7472", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www-01.ibm.com/support/docview.wss?uid=swg21972736", - "refsource" : "CONFIRM", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg21972736" - }, - { - "name" : "PI53426", - "refsource" : "AIXAPAR", - "url" : "http://www-01.ibm.com/support/docview.wss?uid=swg1PI53426" - }, - { - "name" : "1035324", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035324" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF10 allows remote attackers to conduct LDAP injection attacks, and consequently read or write to repository data, via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035324", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035324" + }, + { + "name": "PI53426", + "refsource": "AIXAPAR", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI53426" + }, + { + "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21972736", + "refsource": "CONFIRM", + "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21972736" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7606.json b/2015/7xxx/CVE-2015-7606.json index 47c2d4aaff2..a2b1a934448 100644 --- a/2015/7xxx/CVE-2015-7606.json +++ b/2015/7xxx/CVE-2015-7606.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7606", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7606", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7611.json b/2015/7xxx/CVE-2015-7611.json index 8ee528b641a..05b315dde1c 100644 --- a/2015/7xxx/CVE-2015-7611.json +++ b/2015/7xxx/CVE-2015-7611.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7611", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7611", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150930 Apache James Server 2.3.2 security vulnerability fixed", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/536575/100/0/threaded" - }, - { - "name" : "[oss-security] 20150930 Apache James Server 2.3.2 security vulnerability fixed", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/09/30/7" - }, - { - "name" : "[oss-security] 20151001 Re: Apache James Server 2.3.2 security vulnerability fixed VU#988628", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2015/10/01/2" - }, - { - "name" : "http://packetstormsecurity.com/files/133798/Apache-James-Server-2.3.2-Arbitrary-Command-Execution.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133798/Apache-James-Server-2.3.2-Arbitrary-Command-Execution.html" - }, - { - "name" : "https://blogs.apache.org/james/entry/apache_james_server_2_3", - "refsource" : "CONFIRM", - "url" : "https://blogs.apache.org/james/entry/apache_james_server_2_3" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20150930 Apache James Server 2.3.2 security vulnerability fixed", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/536575/100/0/threaded" + }, + { + "name": "[oss-security] 20151001 Re: Apache James Server 2.3.2 security vulnerability fixed VU#988628", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/10/01/2" + }, + { + "name": "http://packetstormsecurity.com/files/133798/Apache-James-Server-2.3.2-Arbitrary-Command-Execution.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133798/Apache-James-Server-2.3.2-Arbitrary-Command-Execution.html" + }, + { + "name": "https://blogs.apache.org/james/entry/apache_james_server_2_3", + "refsource": "CONFIRM", + "url": "https://blogs.apache.org/james/entry/apache_james_server_2_3" + }, + { + "name": "[oss-security] 20150930 Apache James Server 2.3.2 security vulnerability fixed", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2015/09/30/7" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7729.json b/2015/7xxx/CVE-2015-7729.json index d4f0b130d66..cda6b948699 100644 --- a/2015/7xxx/CVE-2015-7729.json +++ b/2015/7xxx/CVE-2015-7729.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7729", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Eval injection in test-net.xsjs in the Web-based Development Workbench in SAP HANA Developer Edition DB 1.00.091.00.1418659308 allows remote authenticated users to execute arbitrary XSJS code via unspecified vectors, aka SAP Security Note 2153892." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-7729", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150929 [Onapsis Security Advisory 2015-017] SAP HANA XSJS Code Injection in test-net.xsjs", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/Sep/112" - }, - { - "name" : "http://packetstormsecurity.com/files/133763/SAP-HANA-test-net.xsjs-Code-Injection.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/133763/SAP-HANA-test-net.xsjs-Code-Injection.html" - }, - { - "name" : "https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition" - }, - { - "name" : "https://www.onapsis.com/research/security-advisories/sap-hana-xsjs-code-injection-test-net", - "refsource" : "MISC", - "url" : "https://www.onapsis.com/research/security-advisories/sap-hana-xsjs-code-injection-test-net" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Eval injection in test-net.xsjs in the Web-based Development Workbench in SAP HANA Developer Edition DB 1.00.091.00.1418659308 allows remote authenticated users to execute arbitrary XSJS code via unspecified vectors, aka SAP Security Note 2153892." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.onapsis.com/research/security-advisories/sap-hana-xsjs-code-injection-test-net", + "refsource": "MISC", + "url": "https://www.onapsis.com/research/security-advisories/sap-hana-xsjs-code-injection-test-net" + }, + { + "name": "https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition", + "refsource": "MISC", + "url": "https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition" + }, + { + "name": "http://packetstormsecurity.com/files/133763/SAP-HANA-test-net.xsjs-Code-Injection.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/133763/SAP-HANA-test-net.xsjs-Code-Injection.html" + }, + { + "name": "20150929 [Onapsis Security Advisory 2015-017] SAP HANA XSJS Code Injection in test-net.xsjs", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/Sep/112" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0109.json b/2016/0xxx/CVE-2016-0109.json index 1ae257118fc..ad7a663d561 100644 --- a/2016/0xxx/CVE-2016-0109.json +++ b/2016/0xxx/CVE-2016-0109.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0109", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, and CVE-2016-0114." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0109", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-184", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-184" - }, - { - "name" : "MS16-023", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023" - }, - { - "name" : "MS16-024", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024" - }, - { - "name" : "84020", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84020" - }, - { - "name" : "1035203", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035203" - }, - { - "name" : "1035204", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035204" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Microsoft Browser Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0102, CVE-2016-0103, CVE-2016-0106, CVE-2016-0108, and CVE-2016-0114." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035204", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035204" + }, + { + "name": "84020", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84020" + }, + { + "name": "MS16-024", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-024" + }, + { + "name": "1035203", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035203" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-184", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-184" + }, + { + "name": "MS16-023", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-023" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0177.json b/2016/0xxx/CVE-2016-0177.json index 410b202f96a..c443e985db2 100644 --- a/2016/0xxx/CVE-2016-0177.json +++ b/2016/0xxx/CVE-2016-0177.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0177", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2016-0177", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0189.json b/2016/0xxx/CVE-2016-0189.json index 8d295652e1a..4b196d417dc 100644 --- a/2016/0xxx/CVE-2016-0189.json +++ b/2016/0xxx/CVE-2016-0189.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0189", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0187." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0189", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "40118", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/40118/" - }, - { - "name" : "https://www.virusbulletin.com/virusbulletin/2017/01/journey-and-evolution-god-mode-2016-cve-2016-0189/", - "refsource" : "MISC", - "url" : "https://www.virusbulletin.com/virusbulletin/2017/01/journey-and-evolution-god-mode-2016-cve-2016-0189/" - }, - { - "name" : "MS16-051", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-051" - }, - { - "name" : "MS16-053", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-053" - }, - { - "name" : "90012", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90012" - }, - { - "name" : "1035820", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035820" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka \"Scripting Engine Memory Corruption Vulnerability,\" a different vulnerability than CVE-2016-0187." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "90012", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90012" + }, + { + "name": "https://www.virusbulletin.com/virusbulletin/2017/01/journey-and-evolution-god-mode-2016-cve-2016-0189/", + "refsource": "MISC", + "url": "https://www.virusbulletin.com/virusbulletin/2017/01/journey-and-evolution-god-mode-2016-cve-2016-0189/" + }, + { + "name": "MS16-051", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-051" + }, + { + "name": "MS16-053", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-053" + }, + { + "name": "40118", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/40118/" + }, + { + "name": "1035820", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035820" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0597.json b/2016/0xxx/CVE-2016-0597.json index 91cac0a2d76..ea2f17276d0 100644 --- a/2016/0xxx/CVE-2016-0597.json +++ b/2016/0xxx/CVE-2016-0597.json @@ -1,167 +1,167 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0597", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-0597", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/" - }, - { - "name" : "https://mariadb.com/kb/en/mdb-10023-rn/", - "refsource" : "CONFIRM", - "url" : "https://mariadb.com/kb/en/mdb-10023-rn/" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" - }, - { - "name" : "DSA-3453", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3453" - }, - { - "name" : "DSA-3459", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3459" - }, - { - "name" : "RHSA-2016:0534", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0534.html" - }, - { - "name" : "RHSA-2016:0705", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0705.html" - }, - { - "name" : "RHSA-2016:1132", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHSA-2016:1132" - }, - { - "name" : "RHSA-2016:1480", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1480.html" - }, - { - "name" : "RHSA-2016:1481", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1481.html" - }, - { - "name" : "openSUSE-SU-2016:0367", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" - }, - { - "name" : "openSUSE-SU-2016:1686", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html" - }, - { - "name" : "SUSE-SU-2016:1619", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html" - }, - { - "name" : "SUSE-SU-2016:1620", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html" - }, - { - "name" : "openSUSE-SU-2016:1664", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html" - }, - { - "name" : "openSUSE-SU-2016:0377", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" - }, - { - "name" : "USN-2881-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2881-1" - }, - { - "name" : "81151", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81151" - }, - { - "name" : "1034708", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034708" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1620", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html" + }, + { + "name": "RHSA-2016:1481", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1481.html" + }, + { + "name": "openSUSE-SU-2016:0367", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html" + }, + { + "name": "RHSA-2016:1132", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2016:1132" + }, + { + "name": "DSA-3459", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3459" + }, + { + "name": "1034708", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034708" + }, + { + "name": "RHSA-2016:0534", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0534.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" + }, + { + "name": "SUSE-SU-2016:1619", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" + }, + { + "name": "RHSA-2016:1480", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1480.html" + }, + { + "name": "openSUSE-SU-2016:1664", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" + }, + { + "name": "https://mariadb.com/kb/en/mdb-10023-rn/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mdb-10023-rn/" + }, + { + "name": "USN-2881-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2881-1" + }, + { + "name": "openSUSE-SU-2016:0377", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html" + }, + { + "name": "81151", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81151" + }, + { + "name": "DSA-3453", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3453" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/" + }, + { + "name": "openSUSE-SU-2016:1686", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html" + }, + { + "name": "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/", + "refsource": "CONFIRM", + "url": "https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/" + }, + { + "name": "RHSA-2016:0705", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0705.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000033.json b/2016/1000xxx/CVE-2016-1000033.json index e125a9e6891..b67120c2a4c 100644 --- a/2016/1000xxx/CVE-2016-1000033.json +++ b/2016/1000xxx/CVE-2016-1000033.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000033", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000033", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugzilla.gnome.org/show_bug.cgi?id=754488", - "refsource" : "MISC", - "url" : "https://bugzilla.gnome.org/show_bug.cgi?id=754488" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Shotwell version 0.22.0 (and possibly other versions) is vulnerable to a TLS/SSL certification validation flaw resulting in a potential for man in the middle attacks." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugzilla.gnome.org/show_bug.cgi?id=754488", + "refsource": "MISC", + "url": "https://bugzilla.gnome.org/show_bug.cgi?id=754488" + } + ] + } +} \ No newline at end of file diff --git a/2016/1000xxx/CVE-2016-1000159.json b/2016/1000xxx/CVE-2016-1000159.json index e309317f323..8a97ac61b9e 100644 --- a/2016/1000xxx/CVE-2016-1000159.json +++ b/2016/1000xxx/CVE-2016-1000159.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1000159", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1000159", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1115.json b/2016/1xxx/CVE-2016-1115.json index dc9ec4bdeaf..d75f6c772b6 100644 --- a/2016/1xxx/CVE-2016-1115.json +++ b/2016/1xxx/CVE-2016-1115.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1115", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 mishandles wildcards in name fields of X.509 certificates, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1115", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/coldfusion/apsb16-16.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/coldfusion/apsb16-16.html" - }, - { - "name" : "90514", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90514" - }, - { - "name" : "1035829", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035829" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 mishandles wildcards in name fields of X.509 certificates, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035829", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035829" + }, + { + "name": "90514", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90514" + }, + { + "name": "https://helpx.adobe.com/security/products/coldfusion/apsb16-16.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/coldfusion/apsb16-16.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1215.json b/2016/1xxx/CVE-2016-1215.json index 41992b523eb..6e1585602fa 100644 --- a/2016/1xxx/CVE-2016-1215.json +++ b/2016/1xxx/CVE-2016-1215.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1215", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in the \"User details\" function in Cybozu Garoon before 4.2.2." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "vultures@jpcert.or.jp", + "ID": "CVE-2016-1215", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://support.cybozu.com/ja-jp/article/9223", - "refsource" : "CONFIRM", - "url" : "https://support.cybozu.com/ja-jp/article/9223" - }, - { - "name" : "JVN#67595539", - "refsource" : "JVN", - "url" : "http://jvn.jp/en/jp/JVN67595539/index.html" - }, - { - "name" : "JVNDB-2016-000144", - "refsource" : "JVNDB", - "url" : "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000144.html" - }, - { - "name" : "92601", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92601" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in the \"User details\" function in Cybozu Garoon before 4.2.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "JVNDB-2016-000144", + "refsource": "JVNDB", + "url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000144.html" + }, + { + "name": "https://support.cybozu.com/ja-jp/article/9223", + "refsource": "CONFIRM", + "url": "https://support.cybozu.com/ja-jp/article/9223" + }, + { + "name": "JVN#67595539", + "refsource": "JVN", + "url": "http://jvn.jp/en/jp/JVN67595539/index.html" + }, + { + "name": "92601", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92601" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1234.json b/2016/1xxx/CVE-2016-1234.json index 892f6799f18..e4609323484 100644 --- a/2016/1xxx/CVE-2016-1234.json +++ b/2016/1xxx/CVE-2016-1234.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1234", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@debian.org", + "ID": "CVE-2016-1234", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160307 CVE-2016-1234 in glibc glob with GLOB_ALTDIRFUNC", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/03/07/16" - }, - { - "name" : "https://sourceware.org/bugzilla/show_bug.cgi?id=19779", - "refsource" : "CONFIRM", - "url" : "https://sourceware.org/bugzilla/show_bug.cgi?id=19779" - }, - { - "name" : "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea", - "refsource" : "CONFIRM", - "url" : "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea" - }, - { - "name" : "FEDORA-2016-68abc0be35", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html" - }, - { - "name" : "GLSA-201702-11", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201702-11" - }, - { - "name" : "openSUSE-SU-2016:1527", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html" - }, - { - "name" : "openSUSE-SU-2016:1779", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html" - }, - { - "name" : "84204", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84204" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "FEDORA-2016-68abc0be35", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184626.html" + }, + { + "name": "openSUSE-SU-2016:1779", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00039.html" + }, + { + "name": "[oss-security] 20160307 CVE-2016-1234 in glibc glob with GLOB_ALTDIRFUNC", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/03/07/16" + }, + { + "name": "GLSA-201702-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201702-11" + }, + { + "name": "84204", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84204" + }, + { + "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=19779", + "refsource": "CONFIRM", + "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=19779" + }, + { + "name": "openSUSE-SU-2016:1527", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00030.html" + }, + { + "name": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea", + "refsource": "CONFIRM", + "url": "https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5171f3079f2cc53e0548fc4967361f4d1ce9d7ea" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1506.json b/2016/1xxx/CVE-2016-1506.json index f5d1ff98e26..2f15aefb254 100644 --- a/2016/1xxx/CVE-2016-1506.json +++ b/2016/1xxx/CVE-2016-1506.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1506", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1506", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1631.json b/2016/1xxx/CVE-2016-1631.json index 79cf24ff659..f4757a47322 100644 --- a/2016/1xxx/CVE-2016-1631.json +++ b/2016/1xxx/CVE-2016-1631.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1631", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The PPB_Flash_MessageLoop_Impl::InternalRun function in content/renderer/pepper/ppb_flash_message_loop_impl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@google.com", + "ID": "CVE-2016-1631", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html", - "refsource" : "CONFIRM", - "url" : "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html" - }, - { - "name" : "https://code.google.com/p/chromium/issues/detail?id=569496", - "refsource" : "CONFIRM", - "url" : "https://code.google.com/p/chromium/issues/detail?id=569496" - }, - { - "name" : "https://codereview.chromium.org/1559113002/", - "refsource" : "CONFIRM", - "url" : "https://codereview.chromium.org/1559113002/" - }, - { - "name" : "DSA-3507", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3507" - }, - { - "name" : "GLSA-201603-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-09" - }, - { - "name" : "SUSE-SU-2016:0665", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html" - }, - { - "name" : "openSUSE-SU-2016:0664", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html" - }, - { - "name" : "openSUSE-SU-2016:0684", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html" - }, - { - "name" : "openSUSE-SU-2016:0729", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html" - }, - { - "name" : "USN-2920-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2920-1" - }, - { - "name" : "84008", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/84008" - }, - { - "name" : "1035185", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035185" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The PPB_Flash_MessageLoop_Impl::InternalRun function in content/renderer/pepper/ppb_flash_message_loop_impl.cc in the Pepper plugin in Google Chrome before 49.0.2623.75 mishandles nested message loops, which allows remote attackers to bypass the Same Origin Policy via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "openSUSE-SU-2016:0664", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html" + }, + { + "name": "openSUSE-SU-2016:0684", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html" + }, + { + "name": "84008", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/84008" + }, + { + "name": "DSA-3507", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3507" + }, + { + "name": "1035185", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035185" + }, + { + "name": "https://codereview.chromium.org/1559113002/", + "refsource": "CONFIRM", + "url": "https://codereview.chromium.org/1559113002/" + }, + { + "name": "openSUSE-SU-2016:0729", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html" + }, + { + "name": "SUSE-SU-2016:0665", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html" + }, + { + "name": "GLSA-201603-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-09" + }, + { + "name": "https://code.google.com/p/chromium/issues/detail?id=569496", + "refsource": "CONFIRM", + "url": "https://code.google.com/p/chromium/issues/detail?id=569496" + }, + { + "name": "USN-2920-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2920-1" + }, + { + "name": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html", + "refsource": "CONFIRM", + "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/4xxx/CVE-2016-4323.json b/2016/4xxx/CVE-2016-4323.json index 5536a68fe04..128608896f5 100644 --- a/2016/4xxx/CVE-2016-4323.json +++ b/2016/4xxx/CVE-2016-4323.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cert@cert.org", - "ID" : "CVE-2016-4323", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Pidgin", - "version" : { - "version_data" : [ - { - "version_value" : "2.10.11" - } - ] - } - } - ] - }, - "vendor_name" : "Pidgin" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the network traffic can provide an invalid filename for a splash image triggering the vulnerability." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "directory traversal" - } + "CVE_data_meta": { + "ASSIGNER": "cert@cert.org", + "ID": "CVE-2016-4323", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Pidgin", + "version": { + "version_data": [ + { + "version_value": "2.10.11" + } + ] + } + } + ] + }, + "vendor_name": "Pidgin" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.talosintelligence.com/reports/TALOS-2016-0128/", - "refsource" : "MISC", - "url" : "http://www.talosintelligence.com/reports/TALOS-2016-0128/" - }, - { - "name" : "http://www.pidgin.im/news/security/?id=97", - "refsource" : "CONFIRM", - "url" : "http://www.pidgin.im/news/security/?id=97" - }, - { - "name" : "DSA-3620", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3620" - }, - { - "name" : "GLSA-201701-38", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-38" - }, - { - "name" : "USN-3031-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3031-1" - }, - { - "name" : "91335", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91335" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A directory traversal exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially result in an overwrite of files. A malicious server or someone with access to the network traffic can provide an invalid filename for a splash image triggering the vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "directory traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91335", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91335" + }, + { + "name": "http://www.pidgin.im/news/security/?id=97", + "refsource": "CONFIRM", + "url": "http://www.pidgin.im/news/security/?id=97" + }, + { + "name": "DSA-3620", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3620" + }, + { + "name": "http://www.talosintelligence.com/reports/TALOS-2016-0128/", + "refsource": "MISC", + "url": "http://www.talosintelligence.com/reports/TALOS-2016-0128/" + }, + { + "name": "GLSA-201701-38", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-38" + }, + { + "name": "USN-3031-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3031-1" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5464.json b/2016/5xxx/CVE-2016-5464.json index 7a7b43d44b3..97a7c8311be 100644 --- a/2016/5xxx/CVE-2016-5464.json +++ b/2016/5xxx/CVE-2016-5464.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5464", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect integrity via vectors related to SWSE Server, a different vulnerability than CVE-2016-5463." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5464", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" - }, - { - "name" : "91787", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91787" - }, - { - "name" : "91994", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/91994" - }, - { - "name" : "1036400", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036400" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect integrity via vectors related to SWSE Server, a different vulnerability than CVE-2016-5463." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "91994", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91994" + }, + { + "name": "1036400", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036400" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" + }, + { + "name": "91787", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/91787" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5766.json b/2016/5xxx/CVE-2016-5766.json index f93b7f09b1b..ff554e40f54 100644 --- a/2016/5xxx/CVE-2016-5766.json +++ b/2016/5xxx/CVE-2016-5766.json @@ -1,132 +1,132 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5766", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-5766", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/06/23/4" - }, - { - "name" : "http://github.com/php/php-src/commit/7722455726bec8c53458a32851d2a87982cf0eac?w=1", - "refsource" : "CONFIRM", - "url" : "http://github.com/php/php-src/commit/7722455726bec8c53458a32851d2a87982cf0eac?w=1" - }, - { - "name" : "http://php.net/ChangeLog-5.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-5.php" - }, - { - "name" : "http://php.net/ChangeLog-7.php", - "refsource" : "CONFIRM", - "url" : "http://php.net/ChangeLog-7.php" - }, - { - "name" : "https://bugs.php.net/bug.php?id=72339", - "refsource" : "CONFIRM", - "url" : "https://bugs.php.net/bug.php?id=72339" - }, - { - "name" : "https://libgd.github.io/release-2.2.3.html", - "refsource" : "CONFIRM", - "url" : "https://libgd.github.io/release-2.2.3.html" - }, - { - "name" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", - "refsource" : "CONFIRM", - "url" : "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" - }, - { - "name" : "DSA-3619", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3619" - }, - { - "name" : "GLSA-201612-09", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201612-09" - }, - { - "name" : "RHSA-2016:2598", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2598.html" - }, - { - "name" : "RHSA-2016:2750", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2750.html" - }, - { - "name" : "SUSE-SU-2016:2013", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html" - }, - { - "name" : "openSUSE-SU-2016:1761", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html" - }, - { - "name" : "openSUSE-SU-2016:1922", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html" - }, - { - "name" : "USN-3030-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3030-1" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.php.net/bug.php?id=72339", + "refsource": "CONFIRM", + "url": "https://bugs.php.net/bug.php?id=72339" + }, + { + "name": "https://libgd.github.io/release-2.2.3.html", + "refsource": "CONFIRM", + "url": "https://libgd.github.io/release-2.2.3.html" + }, + { + "name": "openSUSE-SU-2016:1761", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00004.html" + }, + { + "name": "openSUSE-SU-2016:1922", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html" + }, + { + "name": "RHSA-2016:2750", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2750.html" + }, + { + "name": "RHSA-2016:2598", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2598.html" + }, + { + "name": "http://php.net/ChangeLog-5.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-5.php" + }, + { + "name": "http://github.com/php/php-src/commit/7722455726bec8c53458a32851d2a87982cf0eac?w=1", + "refsource": "CONFIRM", + "url": "http://github.com/php/php-src/commit/7722455726bec8c53458a32851d2a87982cf0eac?w=1" + }, + { + "name": "[oss-security] 20160623 Re: CVE for PHP 5.5.37 issues", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/06/23/4" + }, + { + "name": "GLSA-201612-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201612-09" + }, + { + "name": "http://php.net/ChangeLog-7.php", + "refsource": "CONFIRM", + "url": "http://php.net/ChangeLog-7.php" + }, + { + "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731", + "refsource": "CONFIRM", + "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05240731" + }, + { + "name": "DSA-3619", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3619" + }, + { + "name": "SUSE-SU-2016:2013", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00025.html" + }, + { + "name": "USN-3030-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3030-1" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0409.json b/2019/0xxx/CVE-2019-0409.json index d98d730c673..4b31b6e1c51 100644 --- a/2019/0xxx/CVE-2019-0409.json +++ b/2019/0xxx/CVE-2019-0409.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0409", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0409", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0787.json b/2019/0xxx/CVE-2019-0787.json index 354836f5a86..603b180cd24 100644 --- a/2019/0xxx/CVE-2019-0787.json +++ b/2019/0xxx/CVE-2019-0787.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0787", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0787", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0955.json b/2019/0xxx/CVE-2019-0955.json index 9c5ae4aae6b..a420b81da2f 100644 --- a/2019/0xxx/CVE-2019-0955.json +++ b/2019/0xxx/CVE-2019-0955.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0955", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0955", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1003xxx/CVE-2019-1003000.json b/2019/1003xxx/CVE-2019-1003000.json index 167879c33b6..4709892585c 100644 --- a/2019/1003xxx/CVE-2019-1003000.json +++ b/2019/1003xxx/CVE-2019-1003000.json @@ -1,74 +1,74 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "kurt@seifried.org", - "DATE_ASSIGNED" : "2019-01-21T18:56:51.574311", - "ID" : "CVE-2019-1003000", - "REQUESTER" : "ml@beckweb.net", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Script Security Plugin", - "version" : { - "version_data" : [ - { - "version_value" : "2.49 and earlier" - } - ] - } - } - ] - }, - "vendor_name" : "Jenkins project" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A sandbox bypass vulnerability exists in Script Security Plugin 2.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "CWE-693" - } + "CVE_data_meta": { + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "DATE_ASSIGNED": "2019-01-21T18:56:51.574311", + "ID": "CVE-2019-1003000", + "REQUESTER": "ml@beckweb.net", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Script Security Plugin", + "version": { + "version_data": [ + { + "version_value": "2.49 and earlier" + } + ] + } + } + ] + }, + "vendor_name": "Jenkins project" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "46453", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/46453/" - }, - { - "name" : "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266", - "refsource" : "CONFIRM", - "url" : "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266" - }, - { - "name" : "RHBA-2019:0326", - "refsource" : "REDHAT", - "url" : "https://access.redhat.com/errata/RHBA-2019:0326" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A sandbox bypass vulnerability exists in Script Security Plugin 2.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-693" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266", + "refsource": "CONFIRM", + "url": "https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266" + }, + { + "name": "46453", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/46453/" + }, + { + "name": "RHBA-2019:0326", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHBA-2019:0326" + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1716.json b/2019/1xxx/CVE-2019-1716.json index 1cf1d8b1e34..07cf65650ab 100644 --- a/2019/1xxx/CVE-2019-1716.json +++ b/2019/1xxx/CVE-2019-1716.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1716", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1716", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1931.json b/2019/1xxx/CVE-2019-1931.json index f96eaf6ce8e..9b02e894cfb 100644 --- a/2019/1xxx/CVE-2019-1931.json +++ b/2019/1xxx/CVE-2019-1931.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1931", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1931", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3034.json b/2019/3xxx/CVE-2019-3034.json index 5d366fabf49..8635263a51a 100644 --- a/2019/3xxx/CVE-2019-3034.json +++ b/2019/3xxx/CVE-2019-3034.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3034", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3034", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3578.json b/2019/3xxx/CVE-2019-3578.json index 227f7149be4..21bb253edff 100644 --- a/2019/3xxx/CVE-2019-3578.json +++ b/2019/3xxx/CVE-2019-3578.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3578", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3578", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3680.json b/2019/3xxx/CVE-2019-3680.json index 1033414c3fb..1c0af6e4386 100644 --- a/2019/3xxx/CVE-2019-3680.json +++ b/2019/3xxx/CVE-2019-3680.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3680", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3680", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/3xxx/CVE-2019-3749.json b/2019/3xxx/CVE-2019-3749.json index 1c56e5a9cb2..39e05115a99 100644 --- a/2019/3xxx/CVE-2019-3749.json +++ b/2019/3xxx/CVE-2019-3749.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-3749", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-3749", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4363.json b/2019/4xxx/CVE-2019-4363.json index bb5dee5fb6d..e4f304e4373 100644 --- a/2019/4xxx/CVE-2019-4363.json +++ b/2019/4xxx/CVE-2019-4363.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4363", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4363", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4386.json b/2019/4xxx/CVE-2019-4386.json index 887b92e14cc..dad0dc87eda 100644 --- a/2019/4xxx/CVE-2019-4386.json +++ b/2019/4xxx/CVE-2019-4386.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4386", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4386", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4526.json b/2019/4xxx/CVE-2019-4526.json index bc230298230..4932843f64b 100644 --- a/2019/4xxx/CVE-2019-4526.json +++ b/2019/4xxx/CVE-2019-4526.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4526", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4526", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4886.json b/2019/4xxx/CVE-2019-4886.json index 5e2611c586b..11355d938c3 100644 --- a/2019/4xxx/CVE-2019-4886.json +++ b/2019/4xxx/CVE-2019-4886.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4886", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4886", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8111.json b/2019/8xxx/CVE-2019-8111.json index e0cc59356b5..49d08cc9be5 100644 --- a/2019/8xxx/CVE-2019-8111.json +++ b/2019/8xxx/CVE-2019-8111.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8111", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8111", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8336.json b/2019/8xxx/CVE-2019-8336.json index 8a5be746415..abe831f5016 100644 --- a/2019/8xxx/CVE-2019-8336.json +++ b/2019/8xxx/CVE-2019-8336.json @@ -1,62 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8336", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally \"\" as its secret is used in unusual circumstances." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8336", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/hashicorp/consul/issues/5423", - "refsource" : "MISC", - "url" : "https://github.com/hashicorp/consul/issues/5423" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a client to bypass intended access restrictions and obtain the privileges of one other arbitrary token within secondary datacenters, because a token with literally \"\" as its secret is used in unusual circumstances." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/hashicorp/consul/issues/5423", + "refsource": "MISC", + "url": "https://github.com/hashicorp/consul/issues/5423" + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8515.json b/2019/8xxx/CVE-2019-8515.json index b36d0da779a..01ace1d5ebc 100644 --- a/2019/8xxx/CVE-2019-8515.json +++ b/2019/8xxx/CVE-2019-8515.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8515", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8515", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9150.json b/2019/9xxx/CVE-2019-9150.json index 03b4319bc1e..0b12628e047 100644 --- a/2019/9xxx/CVE-2019-9150.json +++ b/2019/9xxx/CVE-2019-9150.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9150", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9150", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9471.json b/2019/9xxx/CVE-2019-9471.json index 3120b0078e8..d3be0ec7fbd 100644 --- a/2019/9xxx/CVE-2019-9471.json +++ b/2019/9xxx/CVE-2019-9471.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9471", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9471", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9705.json b/2019/9xxx/CVE-2019-9705.json index 77f6d6a6caa..4844d58d45e 100644 --- a/2019/9xxx/CVE-2019-9705.json +++ b/2019/9xxx/CVE-2019-9705.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9705", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9705", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://salsa.debian.org/debian/cron/commit/26814a26", - "refsource" : "MISC", - "url" : "https://salsa.debian.org/debian/cron/commit/26814a26" - }, - { - "name" : "107378", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/107378" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vixie Cron before the 3.0pl1-133 Debian package allows local users to cause a denial of service (memory consumption) via a large crontab file because an unlimited number of lines is accepted." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "107378", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/107378" + }, + { + "name": "https://salsa.debian.org/debian/cron/commit/26814a26", + "refsource": "MISC", + "url": "https://salsa.debian.org/debian/cron/commit/26814a26" + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9746.json b/2019/9xxx/CVE-2019-9746.json index 8ca04d03d71..a655741af11 100644 --- a/2019/9xxx/CVE-2019-9746.json +++ b/2019/9xxx/CVE-2019-9746.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9746", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9746", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://bugs.chromium.org/p/webm/issues/detail?id=1605", - "refsource" : "MISC", - "url" : "https://bugs.chromium.org/p/webm/issues/detail?id=1605" - }, - { - "name" : "https://chromium.googlesource.com/webm/libwebm/+/2427abe0bde234987ed005a3adca461e9a85dfb7", - "refsource" : "MISC", - "url" : "https://chromium.googlesource.com/webm/libwebm/+/2427abe0bde234987ed005a3adca461e9a85dfb7" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://bugs.chromium.org/p/webm/issues/detail?id=1605", + "refsource": "MISC", + "url": "https://bugs.chromium.org/p/webm/issues/detail?id=1605" + }, + { + "name": "https://chromium.googlesource.com/webm/libwebm/+/2427abe0bde234987ed005a3adca461e9a85dfb7", + "refsource": "MISC", + "url": "https://chromium.googlesource.com/webm/libwebm/+/2427abe0bde234987ed005a3adca461e9a85dfb7" + } + ] + } +} \ No newline at end of file