diff --git a/2013/2xxx/CVE-2013-2516.json b/2013/2xxx/CVE-2013-2516.json index b1c4f69876f..4ae1d8e577a 100644 --- a/2013/2xxx/CVE-2013-2516.json +++ b/2013/2xxx/CVE-2013-2516.json @@ -1,67 +1,71 @@ { - "data_version": "4.0", - "references": { - "reference_data": [ + "CVE_data_meta" : { + "ASSIGNER" : "larry0@me.com", + "DATE_ASSIGNED" : "2013-02-24", + "ID" : "CVE-2013-2516", + "REQUESTER" : "cve-assign@mtire.org", + "STATE" : "PUBLIC", + "UPDATED" : "2019-02-12T11:31Z" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "url": "http://www.vapidlabs.com/advisory.php?v=36" - }, - { - "url": "http://rubygems.org/gems/fileutils" + "product" : { + "product_data" : [ + { + "product_name" : "FileUtils", + "version" : { + "version_data" : [ + { + "version_affected" : "<=", + "version_value" : "0.7" + } + ] + } + } + ] + }, + "vendor_name" : "Stefaan Colman" } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell." - } - ] - }, - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "version": { - "version_data": [ - { - "version_value": "0.7", - "version_affected": "<=" - } - ] - }, - "product_name": "FileUtils" - } - ] - }, - "vendor_name": "Stefaan Colman" - } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Fileutils 0.7 Ruby Gem remote command execution and insecure file handling in /tmp" + } ] - } - }, - "CVE_data_meta": { - "UPDATED": "2019-02-12T11:31Z", - "ASSIGNER": "larry0@me.com", - "STATE": "PUBLIC", - "REQUESTER": "cve-assign@mtire.org", - "ID": "CVE-2013-2516", - "DATE_ASSIGNED": "2013-02-24" - }, - "data_format": "MITRE", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Fileutils 0.7 Ruby Gem remote command execution and insecure file handling in /tmp" - } - ] - } - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://rubygems.org/gems/fileutils", + "refsource" : "MISC", + "url" : "http://rubygems.org/gems/fileutils" + }, + { + "name" : "http://www.vapidlabs.com/advisory.php?v=36", + "refsource" : "MISC", + "url" : "http://www.vapidlabs.com/advisory.php?v=36" + } + ] + } } diff --git a/2013/2xxx/CVE-2013-2565.json b/2013/2xxx/CVE-2013-2565.json index 81764ecb495..6bd428c3474 100644 --- a/2013/2xxx/CVE-2013-2565.json +++ b/2013/2xxx/CVE-2013-2565.json @@ -1,67 +1,71 @@ { - "data_version": "4.0", - "references": { - "reference_data": [ + "CVE_data_meta" : { + "ASSIGNER" : "larry0@me.com", + "DATE_ASSIGNED" : "2012-01-02", + "ID" : "CVE-2013-2565", + "REQUESTER" : "cve-assign@mitre.org", + "STATE" : "PUBLIC", + "UPDATED" : "2019-02-11T10:41Z" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "url": "http://www.vapidlabs.com/advisory.php?v=75" - }, - { - "url": "http://sourceforge.net/projects/mambo/" + "product" : { + "product_data" : [ + { + "product_name" : "Mambo CMS", + "version" : { + "version_data" : [ + { + "version_affected" : "<=", + "version_value" : "4.6.5" + } + ] + } + } + ] + }, + "vendor_name" : "Mambo" } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver." - } - ] - }, - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "version": { - "version_data": [ - { - "version_value": "4.6.5", - "version_affected": "<=" - } - ] - }, - "product_name": "Mambo CMS" - } - ] - }, - "vendor_name": "Mambo" - } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Mambo CMS vulnerabilities" + } ] - } - }, - "CVE_data_meta": { - "UPDATED": "2019-02-11T10:41Z", - "ASSIGNER": "larry0@me.com", - "STATE": "PUBLIC", - "REQUESTER": "cve-assign@mitre.org", - "ID": "CVE-2013-2565", - "DATE_ASSIGNED": "2012-01-02" - }, - "data_format": "MITRE", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Mambo CMS vulnerabilities" - } - ] - } - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://sourceforge.net/projects/mambo/", + "refsource" : "MISC", + "url" : "http://sourceforge.net/projects/mambo/" + }, + { + "name" : "http://www.vapidlabs.com/advisory.php?v=75", + "refsource" : "MISC", + "url" : "http://www.vapidlabs.com/advisory.php?v=75" + } + ] + } } diff --git a/2013/5xxx/CVE-2013-5654.json b/2013/5xxx/CVE-2013-5654.json index 553f8c6f352..3cb3bf17360 100644 --- a/2013/5xxx/CVE-2013-5654.json +++ b/2013/5xxx/CVE-2013-5654.json @@ -1,67 +1,71 @@ { - "data_version": "4.0", - "references": { - "reference_data": [ + "CVE_data_meta" : { + "ASSIGNER" : "larry0@me.com", + "DATE_ASSIGNED" : "2014-05-14", + "ID" : "CVE-2013-5654", + "REQUESTER" : "cve-assign@mitre.org", + "STATE" : "PUBLIC", + "UPDATED" : "2019-02-13T14:41Z" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "url": "http://www.vapidlabs.com/advisory.php?v=94" - }, - { - "url": "http://www.iphoneappstorm.com/iphone-apps/utilities/com.yingzhi.python/yingzhipython.php?id=493505744" + "product" : { + "product_data" : [ + { + "product_name" : "YingZhi Python Programming Language", + "version" : { + "version_data" : [ + { + "version_affected" : "<=", + "version_value" : "1.9" + } + ] + } + } + ] + }, + "vendor_name" : "YingZhi" } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage" - } - ] - }, - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "version": { - "version_data": [ - { - "version_value": "1.9", - "version_affected": "<=" - } - ] - }, - "product_name": "YingZhi Python Programming Language" - } - ] - }, - "vendor_name": "YingZhi" - } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Arbitrary file upload vulnerability in YingZhi Python Programming Language for iOS" + } ] - } - }, - "CVE_data_meta": { - "UPDATED": "2019-02-13T14:41Z", - "ASSIGNER": "larry0@me.com", - "STATE": "PUBLIC", - "REQUESTER": "cve-assign@mitre.org", - "ID": "CVE-2013-5654", - "DATE_ASSIGNED": "2014-05-14" - }, - "data_format": "MITRE", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Arbitrary file upload vulnerability in YingZhi Python Programming Language for iOS" - } - ] - } - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.iphoneappstorm.com/iphone-apps/utilities/com.yingzhi.python/yingzhipython.php?id=493505744", + "refsource" : "MISC", + "url" : "http://www.iphoneappstorm.com/iphone-apps/utilities/com.yingzhi.python/yingzhipython.php?id=493505744" + }, + { + "name" : "http://www.vapidlabs.com/advisory.php?v=94", + "refsource" : "MISC", + "url" : "http://www.vapidlabs.com/advisory.php?v=94" + } + ] + } } diff --git a/2015/4xxx/CVE-2015-4615.json b/2015/4xxx/CVE-2015-4615.json index f3eca14ba6d..6f1220a5411 100644 --- a/2015/4xxx/CVE-2015-4615.json +++ b/2015/4xxx/CVE-2015-4615.json @@ -1,67 +1,71 @@ { - "data_version": "4.0", - "references": { - "reference_data": [ + "CVE_data_meta" : { + "ASSIGNER" : "larry0@me.com", + "DATE_ASSIGNED" : "2015-06-08", + "ID" : "CVE-2015-4615", + "REQUESTER" : "cve-assign@mitre.org", + "STATE" : "PUBLIC", + "UPDATED" : "2019-02-13T10:41Z" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "url": "http://www.vapid.dhs.org/advisory.php?v=130" - }, - { - "url": "https://wordpress.org/plugins/easy2map-photos" + "product" : { + "product_data" : [ + { + "product_name" : "Easy2map-photos WordPress Plugin", + "version" : { + "version_data" : [ + { + "version_affected" : "1.09", + "version_value" : "1.09" + } + ] + } + } + ] + }, + "vendor_name" : "Steven Ellis" } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables" - } - ] - }, - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "version": { - "version_data": [ - { - "version_value": "1.09", - "version_affected": "1.09" - } - ] - }, - "product_name": "Easy2map-photos WordPress Plugin" - } - ] - }, - "vendor_name": "Steven Ellis" - } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "SQL Injection in easy2map-photos wordpress plugin v1.09" + } ] - } - }, - "CVE_data_meta": { - "UPDATED": "2019-02-13T10:41Z", - "ASSIGNER": "larry0@me.com", - "STATE": "PUBLIC", - "REQUESTER": "cve-assign@mitre.org", - "ID": "CVE-2015-4615", - "DATE_ASSIGNED": "2015-06-08" - }, - "data_format": "MITRE", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "SQL Injection in easy2map-photos wordpress plugin v1.09" - } - ] - } - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.vapid.dhs.org/advisory.php?v=130", + "refsource" : "MISC", + "url" : "http://www.vapid.dhs.org/advisory.php?v=130" + }, + { + "name" : "https://wordpress.org/plugins/easy2map-photos", + "refsource" : "MISC", + "url" : "https://wordpress.org/plugins/easy2map-photos" + } + ] + } } diff --git a/2015/4xxx/CVE-2015-4617.json b/2015/4xxx/CVE-2015-4617.json index 613936ca2d5..c6b3001e7ca 100644 --- a/2015/4xxx/CVE-2015-4617.json +++ b/2015/4xxx/CVE-2015-4617.json @@ -1,67 +1,71 @@ { - "data_version": "4.0", - "references": { - "reference_data": [ + "CVE_data_meta" : { + "ASSIGNER" : "larry0@me.com", + "DATE_ASSIGNED" : "2015-06-08", + "ID" : "CVE-2015-4617", + "REQUESTER" : "cve-assign@mitre.org", + "STATE" : "PUBLIC", + "UPDATED" : "2019-02-13T10:41Z" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "url": "http://www.vapidlabs.com/advisory.php?v=130" - }, - { - "url": "https://wordpress.org/plugins/easy2map-photos" + "product" : { + "product_data" : [ + { + "product_name" : "Easy2map-photos WordPress Plugin", + "version" : { + "version_data" : [ + { + "version_affected" : "1.09", + "version_value" : "1.09" + } + ] + } + } + ] + }, + "vendor_name" : "Steven Ellis" } - ] - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory." - } - ] - }, - "data_type": "CVE", - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "version": { - "version_data": [ - { - "version_value": "1.09", - "version_affected": "1.09" - } - ] - }, - "product_name": "Easy2map-photos WordPress Plugin" - } - ] - }, - "vendor_name": "Steven Ellis" - } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Path traversal in easy2map-photos wordpress plugin v1.09" + } ] - } - }, - "CVE_data_meta": { - "UPDATED": "2019-02-13T10:41Z", - "ASSIGNER": "larry0@me.com", - "STATE": "PUBLIC", - "REQUESTER": "cve-assign@mitre.org", - "ID": "CVE-2015-4617", - "DATE_ASSIGNED": "2015-06-08" - }, - "data_format": "MITRE", - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Path traversal in easy2map-photos wordpress plugin v1.09" - } - ] - } - ] - } + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "http://www.vapidlabs.com/advisory.php?v=130", + "refsource" : "MISC", + "url" : "http://www.vapidlabs.com/advisory.php?v=130" + }, + { + "name" : "https://wordpress.org/plugins/easy2map-photos", + "refsource" : "MISC", + "url" : "https://wordpress.org/plugins/easy2map-photos" + } + ] + } } diff --git a/2019/8xxx/CVE-2019-8351.json b/2019/8xxx/CVE-2019-8351.json new file mode 100644 index 00000000000..8d46fe65117 --- /dev/null +++ b/2019/8xxx/CVE-2019-8351.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8351", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8352.json b/2019/8xxx/CVE-2019-8352.json new file mode 100644 index 00000000000..27ed4c9d0ee --- /dev/null +++ b/2019/8xxx/CVE-2019-8352.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8352", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +}