From fef34a06bf16860d616346b04e2b498ff808cb87 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 18 Mar 2019 00:15:45 +0000 Subject: [PATCH] "-Synchronized-Data." --- 1999/0xxx/CVE-1999-0959.json | 150 ++++++++++----------- 2007/0xxx/CVE-2007-0175.json | 180 ++++++++++++------------- 2007/0xxx/CVE-2007-0221.json | 230 ++++++++++++++++---------------- 2007/0xxx/CVE-2007-0504.json | 150 ++++++++++----------- 2007/1xxx/CVE-2007-1102.json | 170 ++++++++++++------------ 2007/1xxx/CVE-2007-1130.json | 160 +++++++++++----------- 2007/1xxx/CVE-2007-1214.json | 240 ++++++++++++++++----------------- 2007/1xxx/CVE-2007-1815.json | 150 ++++++++++----------- 2007/1xxx/CVE-2007-1875.json | 34 ++--- 2007/5xxx/CVE-2007-5133.json | 180 ++++++++++++------------- 2007/5xxx/CVE-2007-5520.json | 200 ++++++++++++++-------------- 2007/5xxx/CVE-2007-5642.json | 250 +++++++++++++++++------------------ 2007/5xxx/CVE-2007-5661.json | 180 ++++++++++++------------- 2015/3xxx/CVE-2015-3044.json | 240 ++++++++++++++++----------------- 2015/3xxx/CVE-2015-3059.json | 150 ++++++++++----------- 2015/3xxx/CVE-2015-3312.json | 34 ++--- 2015/3xxx/CVE-2015-3941.json | 34 ++--- 2015/4xxx/CVE-2015-4158.json | 130 +++++++++--------- 2015/7xxx/CVE-2015-7223.json | 220 +++++++++++++++--------------- 2015/7xxx/CVE-2015-7572.json | 34 ++--- 2015/8xxx/CVE-2015-8542.json | 140 ++++++++++---------- 2015/8xxx/CVE-2015-8720.json | 180 ++++++++++++------------- 2015/8xxx/CVE-2015-8861.json | 150 ++++++++++----------- 2016/0xxx/CVE-2016-0147.json | 130 +++++++++--------- 2016/0xxx/CVE-2016-0170.json | 150 ++++++++++----------- 2016/0xxx/CVE-2016-0970.json | 190 +++++++++++++------------- 2016/1xxx/CVE-2016-1110.json | 160 +++++++++++----------- 2016/1xxx/CVE-2016-1345.json | 150 ++++++++++----------- 2016/1xxx/CVE-2016-1728.json | 200 ++++++++++++++-------------- 2016/1xxx/CVE-2016-1820.json | 160 +++++++++++----------- 2016/1xxx/CVE-2016-1951.json | 170 ++++++++++++------------ 2016/1xxx/CVE-2016-1981.json | 210 ++++++++++++++--------------- 2016/5xxx/CVE-2016-5568.json | 170 ++++++++++++------------ 2018/2xxx/CVE-2018-2832.json | 132 +++++++++--------- 2019/0xxx/CVE-2019-0169.json | 34 ++--- 2019/0xxx/CVE-2019-0592.json | 34 ++--- 2019/0xxx/CVE-2019-0742.json | 130 +++++++++--------- 2019/0xxx/CVE-2019-0969.json | 34 ++--- 2019/1xxx/CVE-2019-1418.json | 34 ++--- 2019/1xxx/CVE-2019-1469.json | 34 ++--- 2019/1xxx/CVE-2019-1518.json | 34 ++--- 2019/1xxx/CVE-2019-1791.json | 34 ++--- 2019/4xxx/CVE-2019-4071.json | 34 ++--- 2019/4xxx/CVE-2019-4307.json | 34 ++--- 2019/4xxx/CVE-2019-4329.json | 34 ++--- 2019/4xxx/CVE-2019-4474.json | 34 ++--- 2019/5xxx/CVE-2019-5068.json | 34 ++--- 2019/5xxx/CVE-2019-5937.json | 34 ++--- 2019/8xxx/CVE-2019-8962.json | 34 ++--- 2019/9xxx/CVE-2019-9012.json | 34 ++--- 2019/9xxx/CVE-2019-9101.json | 34 ++--- 2019/9xxx/CVE-2019-9260.json | 34 ++--- 2019/9xxx/CVE-2019-9303.json | 34 ++--- 2019/9xxx/CVE-2019-9776.json | 130 +++++++++--------- 54 files changed, 3140 insertions(+), 3140 deletions(-) diff --git a/1999/0xxx/CVE-1999-0959.json b/1999/0xxx/CVE-1999-0959.json index cfcb0c7e461..0424da8988f 100644 --- a/1999/0xxx/CVE-1999-0959.json +++ b/1999/0xxx/CVE-1999-0959.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-1999-0959", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IRIX startmidi program allows local users to modify arbitrary files via a symlink attack." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-1999-0959", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "19980301-01-PX", - "refsource" : "SGI", - "url" : "ftp://patches.sgi.com/support/free/security/advisories/19980301-01-PX" - }, - { - "name" : "469", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/469" - }, - { - "name" : "8447", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/8447" - }, - { - "name" : "irix-startmidi-file-creation(1634)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/1634" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IRIX startmidi program allows local users to modify arbitrary files via a symlink attack." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "19980301-01-PX", + "refsource": "SGI", + "url": "ftp://patches.sgi.com/support/free/security/advisories/19980301-01-PX" + }, + { + "name": "469", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/469" + }, + { + "name": "irix-startmidi-file-creation(1634)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/1634" + }, + { + "name": "8447", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/8447" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0175.json b/2007/0xxx/CVE-2007-0175.json index 9177e252e87..60b86f7c749 100644 --- a/2007/0xxx/CVE-2007-0175.json +++ b/2007/0xxx/CVE-2007-0175.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0175", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0175", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410568", - "refsource" : "CONFIRM", - "url" : "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410568" - }, - { - "name" : "DSA-1568", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2008/dsa-1568" - }, - { - "name" : "21953", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/21953" - }, - { - "name" : "32027", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/32027" - }, - { - "name" : "23656", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23656" - }, - { - "name" : "30093", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/30093" - }, - { - "name" : "b2evolution-login-xss(31368)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/31368" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cross-site scripting (XSS) vulnerability in htsrv/login.php in b2evolution 1.8.6 allows remote attackers to inject arbitrary web script or HTML via scriptable attributes in the redirect_to parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410568", + "refsource": "CONFIRM", + "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=410568" + }, + { + "name": "30093", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/30093" + }, + { + "name": "DSA-1568", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2008/dsa-1568" + }, + { + "name": "32027", + "refsource": "OSVDB", + "url": "http://osvdb.org/32027" + }, + { + "name": "b2evolution-login-xss(31368)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31368" + }, + { + "name": "21953", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/21953" + }, + { + "name": "23656", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23656" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0221.json b/2007/0xxx/CVE-2007-0221.json index 6fb6d6d9708..4f45ad6dd94 100644 --- a/2007/0xxx/CVE-2007-0221.json +++ b/2007/0xxx/CVE-2007-0221.json @@ -1,117 +1,117 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0221", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the \"IMAP Literal Processing Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-0221", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070508 Microsoft Exchange Server 2000 IMAP Literal Processing DoS Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=526" - }, - { - "name" : "HPSBST02214", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" - }, - { - "name" : "SSRT071422", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" - }, - { - "name" : "MS07-026", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-026" - }, - { - "name" : "TA07-128A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" - }, - { - "name" : "23810", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23810" - }, - { - "name" : "ADV-2007-1711", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1711" - }, - { - "name" : "34392", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34392" - }, - { - "name" : "oval:org.mitre.oval:def:2054", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2054" - }, - { - "name" : "1018015", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018015" - }, - { - "name" : "25183", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25183" - }, - { - "name" : "exchange-imap-command-dos(33890)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33890" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the \"IMAP Literal Processing Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBST02214", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" + }, + { + "name": "1018015", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018015" + }, + { + "name": "MS07-026", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-026" + }, + { + "name": "exchange-imap-command-dos(33890)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33890" + }, + { + "name": "SSRT071422", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" + }, + { + "name": "23810", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23810" + }, + { + "name": "25183", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25183" + }, + { + "name": "TA07-128A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" + }, + { + "name": "oval:org.mitre.oval:def:2054", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2054" + }, + { + "name": "ADV-2007-1711", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1711" + }, + { + "name": "20070508 Microsoft Exchange Server 2000 IMAP Literal Processing DoS Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=526" + }, + { + "name": "34392", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34392" + } + ] + } +} \ No newline at end of file diff --git a/2007/0xxx/CVE-2007-0504.json b/2007/0xxx/CVE-2007-0504.json index 4fb8de3a0e5..090b50fae42 100644 --- a/2007/0xxx/CVE-2007-0504.json +++ b/2007/0xxx/CVE-2007-0504.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-0504", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows remote attackers to execute arbitrary code via the poll_id parameter, which is supplied to an eval function call, a different vulnerability type than CVE-2005-4632." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-0504", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3180", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3180" - }, - { - "name" : "ADV-2007-0300", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0300" - }, - { - "name" : "31606", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/31606" - }, - { - "name" : "23834", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/23834" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows remote attackers to execute arbitrary code via the poll_id parameter, which is supplied to an eval function call, a different vulnerability type than CVE-2005-4632." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "ADV-2007-0300", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0300" + }, + { + "name": "31606", + "refsource": "OSVDB", + "url": "http://osvdb.org/31606" + }, + { + "name": "3180", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3180" + }, + { + "name": "23834", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/23834" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1102.json b/2007/1xxx/CVE-2007-1102.json index df5c11ac391..c535bccc08f 100644 --- a/2007/1xxx/CVE-2007-1102.json +++ b/2007/1xxx/CVE-2007-1102.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1102", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Photostand 1.2.0 allows remote attackers to obtain sensitive information via a ' (quote) character in (1) a PHPSESSID cookie or (2) the id parameter in an article action in index.php, which reveal the path in various error messages." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1102", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070224 Photostand_1.2.0 Multiple Cross Site Scripting", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/461150/100/0/threaded" - }, - { - "name" : "ADV-2007-0752", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0752" - }, - { - "name" : "33774", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33774" - }, - { - "name" : "33775", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/33775" - }, - { - "name" : "2296", - "refsource" : "SREASON", - "url" : "http://securityreason.com/securityalert/2296" - }, - { - "name" : "photostand-index-path-disclosure(32702)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32702" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Photostand 1.2.0 allows remote attackers to obtain sensitive information via a ' (quote) character in (1) a PHPSESSID cookie or (2) the id parameter in an article action in index.php, which reveal the path in various error messages." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "2296", + "refsource": "SREASON", + "url": "http://securityreason.com/securityalert/2296" + }, + { + "name": "33774", + "refsource": "OSVDB", + "url": "http://osvdb.org/33774" + }, + { + "name": "ADV-2007-0752", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0752" + }, + { + "name": "33775", + "refsource": "OSVDB", + "url": "http://osvdb.org/33775" + }, + { + "name": "photostand-index-path-disclosure(32702)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32702" + }, + { + "name": "20070224 Photostand_1.2.0 Multiple Cross Site Scripting", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/461150/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1130.json b/2007/1xxx/CVE-2007-1130.json index 433fdce24cc..32768b2f1a1 100644 --- a/2007/1xxx/CVE-2007-1130.json +++ b/2007/1xxx/CVE-2007-1130.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1130", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "PHP remote file inclusion vulnerability in sinagb.php in Sinapis Gastebuch 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the fuss parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1130", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3366", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3366" - }, - { - "name" : "22696", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/22696" - }, - { - "name" : "ADV-2007-0737", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/0737" - }, - { - "name" : "37007", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/37007" - }, - { - "name" : "sinapis-gastebuch-sinagb-file-include(32657)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/32657" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "PHP remote file inclusion vulnerability in sinagb.php in Sinapis Gastebuch 2.2 allows remote attackers to execute arbitrary PHP code via a URL in the fuss parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "3366", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3366" + }, + { + "name": "sinapis-gastebuch-sinagb-file-include(32657)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32657" + }, + { + "name": "37007", + "refsource": "OSVDB", + "url": "http://osvdb.org/37007" + }, + { + "name": "22696", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/22696" + }, + { + "name": "ADV-2007-0737", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/0737" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1214.json b/2007/1xxx/CVE-2007-1214.json index 63176e48632..f6b1f92a88b 100644 --- a/2007/1xxx/CVE-2007-1214.json +++ b/2007/1xxx/CVE-2007-1214.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1214", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2007-1214", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070508 Microsoft Excel Filter Record Code Execution Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=527" - }, - { - "name" : "HPSBST02214", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" - }, - { - "name" : "SSRT071422", - "refsource" : "HP", - "url" : "http://www.securityfocus.com/archive/1/468871/100/200/threaded" - }, - { - "name" : "MS07-023", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-023" - }, - { - "name" : "TA07-128A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" - }, - { - "name" : "VU#253825", - "refsource" : "CERT-VN", - "url" : "http://www.kb.cert.org/vuls/id/253825" - }, - { - "name" : "23780", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23780" - }, - { - "name" : "ADV-2007-1708", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/1708" - }, - { - "name" : "34395", - "refsource" : "OSVDB", - "url" : "http://www.osvdb.org/34395" - }, - { - "name" : "oval:org.mitre.oval:def:2064", - "refsource" : "OVAL", - "url" : "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2064" - }, - { - "name" : "1018012", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018012" - }, - { - "name" : "25150", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/25150" - }, - { - "name" : "excel-autofilter-code-execution(33915)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33915" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "HPSBST02214", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" + }, + { + "name": "SSRT071422", + "refsource": "HP", + "url": "http://www.securityfocus.com/archive/1/468871/100/200/threaded" + }, + { + "name": "excel-autofilter-code-execution(33915)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33915" + }, + { + "name": "TA07-128A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-128A.html" + }, + { + "name": "MS07-023", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-023" + }, + { + "name": "VU#253825", + "refsource": "CERT-VN", + "url": "http://www.kb.cert.org/vuls/id/253825" + }, + { + "name": "20070508 Microsoft Excel Filter Record Code Execution Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=527" + }, + { + "name": "ADV-2007-1708", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/1708" + }, + { + "name": "1018012", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018012" + }, + { + "name": "oval:org.mitre.oval:def:2064", + "refsource": "OVAL", + "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2064" + }, + { + "name": "34395", + "refsource": "OSVDB", + "url": "http://www.osvdb.org/34395" + }, + { + "name": "23780", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23780" + }, + { + "name": "25150", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/25150" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1815.json b/2007/1xxx/CVE-2007-1815.json index b739f7a23ea..6624f9dc490 100644 --- a/2007/1xxx/CVE-2007-1815.json +++ b/2007/1xxx/CVE-2007-1815.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1815", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SQL injection vulnerability in viewcat.php in the Library module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1815", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "3619", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/3619" - }, - { - "name" : "23229", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/23229" - }, - { - "name" : "34468", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/34468" - }, - { - "name" : "xoops-library-viewcat-sql-injection(33366)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/33366" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SQL injection vulnerability in viewcat.php in the Library module for Xoops allows remote attackers to execute arbitrary SQL commands via the cid parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "23229", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/23229" + }, + { + "name": "3619", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/3619" + }, + { + "name": "34468", + "refsource": "OSVDB", + "url": "http://osvdb.org/34468" + }, + { + "name": "xoops-library-viewcat-sql-injection(33366)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33366" + } + ] + } +} \ No newline at end of file diff --git a/2007/1xxx/CVE-2007-1875.json b/2007/1xxx/CVE-2007-1875.json index b0e4700c6d0..10d8ac356d2 100644 --- a/2007/1xxx/CVE-2007-1875.json +++ b/2007/1xxx/CVE-2007-1875.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-1875", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-1875", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5133.json b/2007/5xxx/CVE-2007-5133.json index 06062cad69f..9e8b65cd0b8 100644 --- a/2007/5xxx/CVE-2007-5133.json +++ b/2007/5xxx/CVE-2007-5133.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5133", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5133", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20070925 Possible Windows Explorer bad PNG file preview integer overflow handling", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/480594/100/0/threaded" - }, - { - "name" : "20070926 Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/480706/100/0/threaded" - }, - { - "name" : "20070927 Re: Possible Windows Explorer bad PNG file preview integer overflow handling", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/480854/100/0/threaded" - }, - { - "name" : "20070927 Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/480827/100/0/threaded" - }, - { - "name" : "20070927 Re: Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/480864/100/0/threaded" - }, - { - "name" : "25816", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/25816" - }, - { - "name" : "45521", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/45521" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20070925 Possible Windows Explorer bad PNG file preview integer overflow handling", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/480594/100/0/threaded" + }, + { + "name": "20070927 Re: Possible Windows Explorer bad PNG file preview integer overflow handling", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/480854/100/0/threaded" + }, + { + "name": "20070926 Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/480706/100/0/threaded" + }, + { + "name": "20070927 Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/480827/100/0/threaded" + }, + { + "name": "25816", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/25816" + }, + { + "name": "45521", + "refsource": "OSVDB", + "url": "http://osvdb.org/45521" + }, + { + "name": "20070927 Re: Re: Re: Re: Confirmed: Windows Explorer bad PNG file preview integer overflow handling", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/480864/100/0/threaded" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5520.json b/2007/5xxx/CVE-2007-5520.json index 9b246d26d5f..1359d255656 100644 --- a/2007/5xxx/CVE-2007-5520.json +++ b/2007/5xxx/CVE-2007-5520.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5520", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and 9.2.0.8DV, and Oracle Application Server 9.0.4.3, 10.1.3.0.0 up to 10.1.3.3.0, and 10.1.2.0.1 up to 10.1.2.2.0, has unknown impact and remote attack vectors, aka AS05." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5520", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" - }, - { - "name" : "HPSBMA02133", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" - }, - { - "name" : "SSRT061201", - "refsource" : "HP", - "url" : "http://marc.info/?l=bugtraq&m=119332677525918&w=2" - }, - { - "name" : "TA07-290A", - "refsource" : "CERT", - "url" : "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" - }, - { - "name" : "ADV-2007-3524", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3524" - }, - { - "name" : "ADV-2007-3626", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2007/3626" - }, - { - "name" : "1018823", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id?1018823" - }, - { - "name" : "27251", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27251" - }, - { - "name" : "27409", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27409" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and 9.2.0.8DV, and Oracle Application Server 9.0.4.3, 10.1.3.0.0 up to 10.1.3.3.0, and 10.1.2.0.1 up to 10.1.2.2.0, has unknown impact and remote attack vectors, aka AS05." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html" + }, + { + "name": "ADV-2007-3524", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3524" + }, + { + "name": "ADV-2007-3626", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2007/3626" + }, + { + "name": "TA07-290A", + "refsource": "CERT", + "url": "http://www.us-cert.gov/cas/techalerts/TA07-290A.html" + }, + { + "name": "SSRT061201", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2" + }, + { + "name": "HPSBMA02133", + "refsource": "HP", + "url": "http://marc.info/?l=bugtraq&m=119332677525918&w=2" + }, + { + "name": "1018823", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id?1018823" + }, + { + "name": "27409", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27409" + }, + { + "name": "27251", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27251" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5642.json b/2007/5xxx/CVE-2007-5642.json index e8837c1c786..33de8932582 100644 --- a/2007/5xxx/CVE-2007-5642.json +++ b/2007/5xxx/CVE-2007-5642.json @@ -1,127 +1,127 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5642", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the def_lang parameter to modules/files/list.php; the m_path parameter to (2) modules/projects/summary.inc.php or (3) modules/tasks/summary.inc.php; (4) the module parameter to modules/projects/list.php; or the module parameter to index.php in the (5) certinfo, (6) emails, (7) events, (8) fax, (9) files, (10) groupadm, (11) history, (12) info, (13) log, (14) mail, (15) messages, (16) organizations, (17) phones, (18) presence, (19) projects, (20) reports, (21) search, (22) snf, (23) syslog, (24) tasks, or (25) useradm subdirectory of modules/." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5642", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "4549", - "refsource" : "EXPLOIT-DB", - "url" : "https://www.exploit-db.com/exploits/4549" - }, - { - "name" : "26148", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/26148" - }, - { - "name" : "41951", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41951" - }, - { - "name" : "41954", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41954" - }, - { - "name" : "41955", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41955" - }, - { - "name" : "41956", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41956" - }, - { - "name" : "41960", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41960" - }, - { - "name" : "41963", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41963" - }, - { - "name" : "41970", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41970" - }, - { - "name" : "41972", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41972" - }, - { - "name" : "41974", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41974" - }, - { - "name" : "41975", - "refsource" : "OSVDB", - "url" : "http://osvdb.org/41975" - }, - { - "name" : "27347", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/27347" - }, - { - "name" : "phpprojectmanagement-module-file-include(37348)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/37348" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the def_lang parameter to modules/files/list.php; the m_path parameter to (2) modules/projects/summary.inc.php or (3) modules/tasks/summary.inc.php; (4) the module parameter to modules/projects/list.php; or the module parameter to index.php in the (5) certinfo, (6) emails, (7) events, (8) fax, (9) files, (10) groupadm, (11) history, (12) info, (13) log, (14) mail, (15) messages, (16) organizations, (17) phones, (18) presence, (19) projects, (20) reports, (21) search, (22) snf, (23) syslog, (24) tasks, or (25) useradm subdirectory of modules/." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "4549", + "refsource": "EXPLOIT-DB", + "url": "https://www.exploit-db.com/exploits/4549" + }, + { + "name": "41951", + "refsource": "OSVDB", + "url": "http://osvdb.org/41951" + }, + { + "name": "41954", + "refsource": "OSVDB", + "url": "http://osvdb.org/41954" + }, + { + "name": "phpprojectmanagement-module-file-include(37348)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37348" + }, + { + "name": "41975", + "refsource": "OSVDB", + "url": "http://osvdb.org/41975" + }, + { + "name": "41972", + "refsource": "OSVDB", + "url": "http://osvdb.org/41972" + }, + { + "name": "41955", + "refsource": "OSVDB", + "url": "http://osvdb.org/41955" + }, + { + "name": "41970", + "refsource": "OSVDB", + "url": "http://osvdb.org/41970" + }, + { + "name": "41960", + "refsource": "OSVDB", + "url": "http://osvdb.org/41960" + }, + { + "name": "41956", + "refsource": "OSVDB", + "url": "http://osvdb.org/41956" + }, + { + "name": "41974", + "refsource": "OSVDB", + "url": "http://osvdb.org/41974" + }, + { + "name": "41963", + "refsource": "OSVDB", + "url": "http://osvdb.org/41963" + }, + { + "name": "26148", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/26148" + }, + { + "name": "27347", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/27347" + } + ] + } +} \ No newline at end of file diff --git a/2007/5xxx/CVE-2007-5661.json b/2007/5xxx/CVE-2007-5661.json index f589e112531..96241a023ef 100644 --- a/2007/5xxx/CVE-2007-5661.json +++ b/2007/5xxx/CVE-2007-5661.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2007-5661", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library code onto a client machine." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2007-5661", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20080331 Macrovision InstallShield InstallScript One-Click Install Untrusted Library Loading Vulnerability", - "refsource" : "IDEFENSE", - "url" : "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=649" - }, - { - "name" : "http://knowledge.macrovision.com/selfservice/microsites/search.do?cmd=displayKC&externalId=Q113640", - "refsource" : "CONFIRM", - "url" : "http://knowledge.macrovision.com/selfservice/microsites/search.do?cmd=displayKC&externalId=Q113640" - }, - { - "name" : "28533", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/28533" - }, - { - "name" : "ADV-2008-1049", - "refsource" : "VUPEN", - "url" : "http://www.vupen.com/english/advisories/2008/1049" - }, - { - "name" : "1019735", - "refsource" : "SECTRACK", - "url" : "http://securitytracker.com/id?1019735" - }, - { - "name" : "29549", - "refsource" : "SECUNIA", - "url" : "http://secunia.com/advisories/29549" - }, - { - "name" : "installshield-oneclick-code-execution(41558)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/41558" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Macrovision InstallShield InstallScript One-Click Install (OCI) ActiveX control 12.0 before SP2 does not validate the DLL files that are named as parameters to the control, which allows remote attackers to download arbitrary library code onto a client machine." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1019735", + "refsource": "SECTRACK", + "url": "http://securitytracker.com/id?1019735" + }, + { + "name": "http://knowledge.macrovision.com/selfservice/microsites/search.do?cmd=displayKC&externalId=Q113640", + "refsource": "CONFIRM", + "url": "http://knowledge.macrovision.com/selfservice/microsites/search.do?cmd=displayKC&externalId=Q113640" + }, + { + "name": "installshield-oneclick-code-execution(41558)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41558" + }, + { + "name": "28533", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/28533" + }, + { + "name": "20080331 Macrovision InstallShield InstallScript One-Click Install Untrusted Library Loading Vulnerability", + "refsource": "IDEFENSE", + "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=649" + }, + { + "name": "29549", + "refsource": "SECUNIA", + "url": "http://secunia.com/advisories/29549" + }, + { + "name": "ADV-2008-1049", + "refsource": "VUPEN", + "url": "http://www.vupen.com/english/advisories/2008/1049" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3044.json b/2015/3xxx/CVE-2015-3044.json index ace1aae42d1..e1dc8612cf7 100644 --- a/2015/3xxx/CVE-2015-3044.json +++ b/2015/3xxx/CVE-2015-3044.json @@ -1,122 +1,122 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3044", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-3044", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html" - }, - { - "name" : "GLSA-201504-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201504-07" - }, - { - "name" : "GLSA-201505-02", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201505-02" - }, - { - "name" : "RHSA-2015:0813", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2015-0813.html" - }, - { - "name" : "SUSE-SU-2015:0722", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html" - }, - { - "name" : "SUSE-SU-2015:0723", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html" - }, - { - "name" : "openSUSE-SU-2015:0718", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html" - }, - { - "name" : "SUSE-SU-2015:0878", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html" - }, - { - "name" : "openSUSE-SU-2015:0890", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html" - }, - { - "name" : "openSUSE-SU-2015:0914", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html" - }, - { - "name" : "openSUSE-SU-2015:0725", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" - }, - { - "name" : "74065", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74065" - }, - { - "name" : "1032105", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032105" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2015:0878", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00007.html" + }, + { + "name": "openSUSE-SU-2015:0890", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00010.html" + }, + { + "name": "74065", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74065" + }, + { + "name": "openSUSE-SU-2015:0718", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00010.html" + }, + { + "name": "SUSE-SU-2015:0722", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00011.html" + }, + { + "name": "GLSA-201505-02", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201505-02" + }, + { + "name": "GLSA-201504-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201504-07" + }, + { + "name": "1032105", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032105" + }, + { + "name": "RHSA-2015:0813", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2015-0813.html" + }, + { + "name": "openSUSE-SU-2015:0914", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00016.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb15-06.html" + }, + { + "name": "openSUSE-SU-2015:0725", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00013.html" + }, + { + "name": "SUSE-SU-2015:0723", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00012.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3059.json b/2015/3xxx/CVE-2015-3059.json index 65e0cd6a28c..5c6c0bf1b45 100644 --- a/2015/3xxx/CVE-2015-3059.json +++ b/2015/3xxx/CVE-2015-3059.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3059", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, and CVE-2015-3075." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2015-3059", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-15-212", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-15-212" - }, - { - "name" : "https://helpx.adobe.com/security/products/reader/apsb15-10.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/reader/apsb15-10.html" - }, - { - "name" : "74602", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74602" - }, - { - "name" : "1032284", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1032284" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2015-3055, and CVE-2015-3075." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-15-212", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-212" + }, + { + "name": "https://helpx.adobe.com/security/products/reader/apsb15-10.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/reader/apsb15-10.html" + }, + { + "name": "1032284", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1032284" + }, + { + "name": "74602", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74602" + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3312.json b/2015/3xxx/CVE-2015-3312.json index 30bcfeda362..f9b226ad187 100644 --- a/2015/3xxx/CVE-2015-3312.json +++ b/2015/3xxx/CVE-2015-3312.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3312", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-3312", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2015/3xxx/CVE-2015-3941.json b/2015/3xxx/CVE-2015-3941.json index f5f450b30e8..399b75d9b72 100644 --- a/2015/3xxx/CVE-2015-3941.json +++ b/2015/3xxx/CVE-2015-3941.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-3941", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-3941", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none." + } + ] + } +} \ No newline at end of file diff --git a/2015/4xxx/CVE-2015-4158.json b/2015/4xxx/CVE-2015-4158.json index b177e427688..ab062790d78 100644 --- a/2015/4xxx/CVE-2015-4158.json +++ b/2015/4xxx/CVE-2015-4158.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-4158", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "SAP ABAP & Java Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2121661." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-4158", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20150522 SAP Security Notes May 2015", - "refsource" : "FULLDISC", - "url" : "http://seclists.org/fulldisclosure/2015/May/96" - }, - { - "name" : "74799", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/74799" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "SAP ABAP & Java Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2121661." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "74799", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/74799" + }, + { + "name": "20150522 SAP Security Notes May 2015", + "refsource": "FULLDISC", + "url": "http://seclists.org/fulldisclosure/2015/May/96" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7223.json b/2015/7xxx/CVE-2015-7223.json index 93d80df0922..6b8c8b71dcc 100644 --- a/2015/7xxx/CVE-2015-7223.json +++ b/2015/7xxx/CVE-2015-7223.json @@ -1,112 +1,112 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7223", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2015-7223", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.mozilla.org/security/announce/2015/mfsa2015-148.html", - "refsource" : "CONFIRM", - "url" : "http://www.mozilla.org/security/announce/2015/mfsa2015-148.html" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1226423", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1226423" - }, - { - "name" : "FEDORA-2015-51b1105902", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" - }, - { - "name" : "FEDORA-2015-7ab3d3afcf", - "refsource" : "FEDORA", - "url" : "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" - }, - { - "name" : "GLSA-201512-10", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201512-10" - }, - { - "name" : "openSUSE-SU-2016:0307", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" - }, - { - "name" : "openSUSE-SU-2016:0308", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" - }, - { - "name" : "openSUSE-SU-2015:2353", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" - }, - { - "name" : "USN-2833-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-2833-1" - }, - { - "name" : "79280", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79280" - }, - { - "name" : "1034426", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034426" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "GLSA-201512-10", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201512-10" + }, + { + "name": "openSUSE-SU-2015:2353", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00104.html" + }, + { + "name": "openSUSE-SU-2016:0308", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" + }, + { + "name": "FEDORA-2015-7ab3d3afcf", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174253.html" + }, + { + "name": "USN-2833-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2833-1" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1226423", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1226423" + }, + { + "name": "79280", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79280" + }, + { + "name": "http://www.mozilla.org/security/announce/2015/mfsa2015-148.html", + "refsource": "CONFIRM", + "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-148.html" + }, + { + "name": "openSUSE-SU-2016:0307", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" + }, + { + "name": "FEDORA-2015-51b1105902", + "refsource": "FEDORA", + "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174083.html" + }, + { + "name": "1034426", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034426" + } + ] + } +} \ No newline at end of file diff --git a/2015/7xxx/CVE-2015-7572.json b/2015/7xxx/CVE-2015-7572.json index 10744bba179..19365a37c1b 100644 --- a/2015/7xxx/CVE-2015-7572.json +++ b/2015/7xxx/CVE-2015-7572.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-7572", - "STATE" : "REJECT" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0237. Reason: This candidate is a duplicate of CVE-2013-0237. Notes: All CVE users should reference CVE-2013-0237 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." - } - ] - } -} + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2015-7572", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0237. Reason: This candidate is a duplicate of CVE-2013-0237. Notes: All CVE users should reference CVE-2013-0237 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage." + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8542.json b/2015/8xxx/CVE-2015-8542.json index 4c10c4fef54..985a1bdee51 100644 --- a/2015/8xxx/CVE-2015-8542.json +++ b/2015/8xxx/CVE-2015-8542.json @@ -1,72 +1,72 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8542", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The \"getprivkeybyid\" API call is used to download a PGP Private Key for a specific user after providing authentication credentials. Clients provide the \"id\" and \"cid\" parameter to specify the current user by its user- and context-ID. The \"auth\" parameter contains a hashed password string which gets created by the client by asking the user to enter his or her OX Guard password. This parameter is used as single point of authentication when accessing PGP Private Keys. In case a user has set the same password as another user, it is possible to download another user's PGP Private Key by iterating the \"id\" and \"cid\" parameters. This kind of attack would also be able by brute-forcing login credentials, but since the \"id\" and \"cid\" parameters are sequential they are much easier to predict than a user's login name. At the same time, there are some obvious insecure standard passwords that are widely used. A attacker could send the hashed representation of typically weak passwords and randomly fetch Private Key of matching accounts. The attack can be executed by both internal users and \"guests\" which use the external mail reader." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8542", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160302 Open-Xchange Security Advisory 2016-03-02", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537678/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/136069/Open-Xchange-Guard-2.2.0-2.0-Private-Key-Disclosure.html", - "refsource" : "CONFIRM", - "url" : "http://packetstormsecurity.com/files/136069/Open-Xchange-Guard-2.2.0-2.0-Private-Key-Disclosure.html" - }, - { - "name" : "1035174", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035174" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The \"getprivkeybyid\" API call is used to download a PGP Private Key for a specific user after providing authentication credentials. Clients provide the \"id\" and \"cid\" parameter to specify the current user by its user- and context-ID. The \"auth\" parameter contains a hashed password string which gets created by the client by asking the user to enter his or her OX Guard password. This parameter is used as single point of authentication when accessing PGP Private Keys. In case a user has set the same password as another user, it is possible to download another user's PGP Private Key by iterating the \"id\" and \"cid\" parameters. This kind of attack would also be able by brute-forcing login credentials, but since the \"id\" and \"cid\" parameters are sequential they are much easier to predict than a user's login name. At the same time, there are some obvious insecure standard passwords that are widely used. A attacker could send the hashed representation of typically weak passwords and randomly fetch Private Key of matching accounts. The attack can be executed by both internal users and \"guests\" which use the external mail reader." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20160302 Open-Xchange Security Advisory 2016-03-02", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537678/100/0/threaded" + }, + { + "name": "1035174", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035174" + }, + { + "name": "http://packetstormsecurity.com/files/136069/Open-Xchange-Guard-2.2.0-2.0-Private-Key-Disclosure.html", + "refsource": "CONFIRM", + "url": "http://packetstormsecurity.com/files/136069/Open-Xchange-Guard-2.2.0-2.0-Private-Key-Disclosure.html" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8720.json b/2015/8xxx/CVE-2015-8720.json index 43205034855..f65b69c5866 100644 --- a/2015/8xxx/CVE-2015-8720.json +++ b/2015/8xxx/CVE-2015-8720.json @@ -1,92 +1,92 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8720", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8720", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.wireshark.org/security/wnpa-sec-2015-39.html", - "refsource" : "CONFIRM", - "url" : "http://www.wireshark.org/security/wnpa-sec-2015-39.html" - }, - { - "name" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=921bb07115fbffc081ec56a5022b4a9d58db6d39", - "refsource" : "CONFIRM", - "url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=921bb07115fbffc081ec56a5022b4a9d58db6d39" - }, - { - "name" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" - }, - { - "name" : "DSA-3505", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3505" - }, - { - "name" : "GLSA-201604-05", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-05" - }, - { - "name" : "79814", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/79814" - }, - { - "name" : "1034551", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034551" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "DSA-3505", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3505" + }, + { + "name": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=921bb07115fbffc081ec56a5022b4a9d58db6d39", + "refsource": "CONFIRM", + "url": "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=921bb07115fbffc081ec56a5022b4a9d58db6d39" + }, + { + "name": "79814", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/79814" + }, + { + "name": "http://www.wireshark.org/security/wnpa-sec-2015-39.html", + "refsource": "CONFIRM", + "url": "http://www.wireshark.org/security/wnpa-sec-2015-39.html" + }, + { + "name": "GLSA-201604-05", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-05" + }, + { + "name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html" + }, + { + "name": "1034551", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034551" + } + ] + } +} \ No newline at end of file diff --git a/2015/8xxx/CVE-2015-8861.json b/2015/8xxx/CVE-2015-8861.json index dcb5b0c7dd5..2bfcbe0101a 100644 --- a/2015/8xxx/CVE-2015-8861.json +++ b/2015/8xxx/CVE-2015-8861.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2015-8861", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The handlebars package before 4.0.0 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2015-8861", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160420 various vulnerabilities in Node.js packages", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/04/20/11" - }, - { - "name" : "https://www.sourceclear.com/blog/handlebars_vulnerability_research_findings/", - "refsource" : "MISC", - "url" : "https://www.sourceclear.com/blog/handlebars_vulnerability_research_findings/" - }, - { - "name" : "https://www.tenable.com/security/tns-2016-18", - "refsource" : "CONFIRM", - "url" : "https://www.tenable.com/security/tns-2016-18" - }, - { - "name" : "96434", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/96434" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The handlebars package before 4.0.0 for Node.js allows remote attackers to conduct cross-site scripting (XSS) attacks by leveraging a template with an attribute that is not quoted." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.tenable.com/security/tns-2016-18", + "refsource": "CONFIRM", + "url": "https://www.tenable.com/security/tns-2016-18" + }, + { + "name": "https://www.sourceclear.com/blog/handlebars_vulnerability_research_findings/", + "refsource": "MISC", + "url": "https://www.sourceclear.com/blog/handlebars_vulnerability_research_findings/" + }, + { + "name": "96434", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/96434" + }, + { + "name": "[oss-security] 20160420 various vulnerabilities in Node.js packages", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/04/20/11" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0147.json b/2016/0xxx/CVE-2016-0147.json index e7e40331e43..008c6ed1005 100644 --- a/2016/0xxx/CVE-2016-0147.json +++ b/2016/0xxx/CVE-2016-0147.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0147", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Microsoft XML Core Services 3.0 allows remote attackers to execute arbitrary code via a crafted web site, aka \"MSXML 3.0 Remote Code Execution Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0147", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "MS16-040", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-040" - }, - { - "name" : "1035523", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035523" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Microsoft XML Core Services 3.0 allows remote attackers to execute arbitrary code via a crafted web site, aka \"MSXML 3.0 Remote Code Execution Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035523", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035523" + }, + { + "name": "MS16-040", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-040" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0170.json b/2016/0xxx/CVE-2016-0170.json index 8b5a0c8b088..5ba602864d5 100644 --- a/2016/0xxx/CVE-2016-0170.json +++ b/2016/0xxx/CVE-2016-0170.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0170", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka \"Windows Graphics Component RCE Vulnerability.\"" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2016-0170", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://packetstormsecurity.com/files/137096/Microsoft-Windows-gdi32.dll-ExtEscape-Buffer-Overflow.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/137096/Microsoft-Windows-gdi32.dll-ExtEscape-Buffer-Overflow.html" - }, - { - "name" : "MS16-055", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-055" - }, - { - "name" : "89864", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/89864" - }, - { - "name" : "1035823", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035823" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka \"Windows Graphics Component RCE Vulnerability.\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035823", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035823" + }, + { + "name": "MS16-055", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-055" + }, + { + "name": "http://packetstormsecurity.com/files/137096/Microsoft-Windows-gdi32.dll-ExtEscape-Buffer-Overflow.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/137096/Microsoft-Windows-gdi32.dll-ExtEscape-Buffer-Overflow.html" + }, + { + "name": "89864", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/89864" + } + ] + } +} \ No newline at end of file diff --git a/2016/0xxx/CVE-2016-0970.json b/2016/0xxx/CVE-2016-0970.json index f0ff330a344..765531fc243 100644 --- a/2016/0xxx/CVE-2016-0970.json +++ b/2016/0xxx/CVE-2016-0970.json @@ -1,97 +1,97 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-0970", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-0970", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" - }, - { - "name" : "GLSA-201603-07", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201603-07" - }, - { - "name" : "RHSA-2016:0166", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-0166.html" - }, - { - "name" : "SUSE-SU-2016:0398", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" - }, - { - "name" : "SUSE-SU-2016:0400", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" - }, - { - "name" : "openSUSE-SU-2016:0412", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" - }, - { - "name" : "openSUSE-SU-2016:0415", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" - }, - { - "name" : "1034970", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034970" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0964, CVE-2016-0965, CVE-2016-0966, CVE-2016-0967, CVE-2016-0968, CVE-2016-0969, CVE-2016-0972, CVE-2016-0976, CVE-2016-0977, CVE-2016-0978, CVE-2016-0979, CVE-2016-0980, and CVE-2016-0981." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:0400", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00027.html" + }, + { + "name": "1034970", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034970" + }, + { + "name": "GLSA-201603-07", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201603-07" + }, + { + "name": "RHSA-2016:0166", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-0166.html" + }, + { + "name": "openSUSE-SU-2016:0415", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00030.html" + }, + { + "name": "openSUSE-SU-2016:0412", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00029.html" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-04.html" + }, + { + "name": "SUSE-SU-2016:0398", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00025.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1110.json b/2016/1xxx/CVE-2016-1110.json index d6abdd871df..e95813fadb0 100644 --- a/2016/1xxx/CVE-2016-1110.json +++ b/2016/1xxx/CVE-2016-1110.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1110", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@adobe.com", + "ID": "CVE-2016-1110", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", - "refsource" : "CONFIRM", - "url" : "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" - }, - { - "name" : "MS16-064", - "refsource" : "MS", - "url" : "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064" - }, - { - "name" : "RHSA-2016:1079", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-1079.html" - }, - { - "name" : "SUSE-SU-2016:1305", - "refsource" : "SUSE", - "url" : "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" - }, - { - "name" : "1035827", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035827" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "SUSE-SU-2016:1305", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00044.html" + }, + { + "name": "1035827", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035827" + }, + { + "name": "MS16-064", + "refsource": "MS", + "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-064" + }, + { + "name": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html", + "refsource": "CONFIRM", + "url": "https://helpx.adobe.com/security/products/flash-player/apsb16-15.html" + }, + { + "name": "RHSA-2016:1079", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-1079.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1345.json b/2016/1xxx/CVE-2016-1345.json index e31f033dc58..ce733818c68 100644 --- a/2016/1xxx/CVE-2016-1345.json +++ b/2016/1xxx/CVE-2016-1345.json @@ -1,77 +1,77 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1345", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "ID": "CVE-2016-1345", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160330 Cisco Firepower Malware Block Bypass Vulnerability", - "refsource" : "CISCO", - "url" : "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp" - }, - { - "name" : "1035437", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035437" - }, - { - "name" : "1035438", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035438" - }, - { - "name" : "1035439", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035439" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Cisco FireSIGHT System Software 5.4.0 through 6.0.1 and ASA with FirePOWER Services 5.4.0 through 6.0.0.1 allow remote attackers to bypass malware protection via crafted fields in HTTP headers, aka Bug ID CSCux22726." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "1035437", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035437" + }, + { + "name": "20160330 Cisco Firepower Malware Block Bypass Vulnerability", + "refsource": "CISCO", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160330-fp" + }, + { + "name": "1035439", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035439" + }, + { + "name": "1035438", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035438" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1728.json b/2016/1xxx/CVE-2016-1728.json index 52456aa12a7..6dc8c000b09 100644 --- a/2016/1xxx/CVE-2016-1728.json +++ b/2016/1xxx/CVE-2016-1728.json @@ -1,102 +1,102 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1728", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the \"a:visited button\" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web site." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1728", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "20160311 WebKitGTK+ Security Advisory WSA-2016-0002", - "refsource" : "BUGTRAQ", - "url" : "http://www.securityfocus.com/archive/1/537771/100/0/threaded" - }, - { - "name" : "http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html", - "refsource" : "MISC", - "url" : "http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html" - }, - { - "name" : "https://support.apple.com/HT205730", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205730" - }, - { - "name" : "https://support.apple.com/HT205732", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT205732" - }, - { - "name" : "APPLE-SA-2016-01-19-1", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html" - }, - { - "name" : "APPLE-SA-2016-01-19-3", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/Jan/msg00004.html" - }, - { - "name" : "GLSA-201706-15", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201706-15" - }, - { - "name" : "81263", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81263" - }, - { - "name" : "1034737", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1034737" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "The Cascading Style Sheets (CSS) implementation in Apple iOS before 9.2.1 and Safari before 9.0.3 mishandles the \"a:visited button\" selector during height processing, which makes it easier for remote attackers to obtain sensitive browser-history information via a crafted web site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html", + "refsource": "MISC", + "url": "http://packetstormsecurity.com/files/136227/WebKitGTK-Memory-Corruption-Denial-Of-Service.html" + }, + { + "name": "81263", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81263" + }, + { + "name": "20160311 WebKitGTK+ Security Advisory WSA-2016-0002", + "refsource": "BUGTRAQ", + "url": "http://www.securityfocus.com/archive/1/537771/100/0/threaded" + }, + { + "name": "1034737", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034737" + }, + { + "name": "https://support.apple.com/HT205730", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205730" + }, + { + "name": "APPLE-SA-2016-01-19-1", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html" + }, + { + "name": "GLSA-201706-15", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201706-15" + }, + { + "name": "https://support.apple.com/HT205732", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT205732" + }, + { + "name": "APPLE-SA-2016-01-19-3", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/Jan/msg00004.html" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1820.json b/2016/1xxx/CVE-2016-1820.json index ca2093f2924..34372e7964e 100644 --- a/2016/1xxx/CVE-2016-1820.json +++ b/2016/1xxx/CVE-2016-1820.json @@ -1,82 +1,82 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1820", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Buffer overflow in IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "product-security@apple.com", + "ID": "CVE-2016-1820", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.zerodayinitiative.com/advisories/ZDI-16-347", - "refsource" : "MISC", - "url" : "http://www.zerodayinitiative.com/advisories/ZDI-16-347" - }, - { - "name" : "https://support.apple.com/HT206567", - "refsource" : "CONFIRM", - "url" : "https://support.apple.com/HT206567" - }, - { - "name" : "APPLE-SA-2016-05-16-4", - "refsource" : "APPLE", - "url" : "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" - }, - { - "name" : "90696", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/90696" - }, - { - "name" : "1035895", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1035895" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Buffer overflow in IOAudioFamily in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://support.apple.com/HT206567", + "refsource": "CONFIRM", + "url": "https://support.apple.com/HT206567" + }, + { + "name": "APPLE-SA-2016-05-16-4", + "refsource": "APPLE", + "url": "http://lists.apple.com/archives/security-announce/2016/May/msg00004.html" + }, + { + "name": "90696", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/90696" + }, + { + "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-347", + "refsource": "MISC", + "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-347" + }, + { + "name": "1035895", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1035895" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1951.json b/2016/1xxx/CVE-2016-1951.json index db8ed7238d0..25a51f0621e 100644 --- a/2016/1xxx/CVE-2016-1951.json +++ b/2016/1xxx/CVE-2016-1951.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1951", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before 4.12 allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "security@mozilla.org", + "ID": "CVE-2016-1951", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[dev-tech-nspr] 20160217 [ANNOUNCE] NSPR 4.12 Release", - "refsource" : "MLIST", - "url" : "https://groups.google.com/forum/message/raw?msg=mozilla.dev.tech.nspr/dV4MyMsg6jw/hhWcXOgJDQAJ" - }, - { - "name" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1174015", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.mozilla.org/show_bug.cgi?id=1174015" - }, - { - "name" : "https://hg.mozilla.org/projects/nspr/rev/96381e3aaae2", - "refsource" : "CONFIRM", - "url" : "https://hg.mozilla.org/projects/nspr/rev/96381e3aaae2" - }, - { - "name" : "USN-3023-1", - "refsource" : "UBUNTU", - "url" : "http://www.ubuntu.com/usn/USN-3023-1" - }, - { - "name" : "92385", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/92385" - }, - { - "name" : "1036590", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1036590" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime (NSPR) before 4.12 allow remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long string to a PR_*printf function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[dev-tech-nspr] 20160217 [ANNOUNCE] NSPR 4.12 Release", + "refsource": "MLIST", + "url": "https://groups.google.com/forum/message/raw?msg=mozilla.dev.tech.nspr/dV4MyMsg6jw/hhWcXOgJDQAJ" + }, + { + "name": "92385", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/92385" + }, + { + "name": "1036590", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1036590" + }, + { + "name": "https://hg.mozilla.org/projects/nspr/rev/96381e3aaae2", + "refsource": "CONFIRM", + "url": "https://hg.mozilla.org/projects/nspr/rev/96381e3aaae2" + }, + { + "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1174015", + "refsource": "CONFIRM", + "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1174015" + }, + { + "name": "USN-3023-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-3023-1" + } + ] + } +} \ No newline at end of file diff --git a/2016/1xxx/CVE-2016-1981.json b/2016/1xxx/CVE-2016-1981.json index 8fa1ba4b3fe..4c332f6fc07 100644 --- a/2016/1xxx/CVE-2016-1981.json +++ b/2016/1xxx/CVE-2016-1981.json @@ -1,107 +1,107 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-1981", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2016-1981", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "[oss-security] 20160119 CVE request Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/19/10" - }, - { - "name" : "[oss-security] 20160122 Re: CVE request Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines", - "refsource" : "MLIST", - "url" : "http://www.openwall.com/lists/oss-security/2016/01/22/1" - }, - { - "name" : "[qemu-devel] 20160119 [PATCH] e1000: eliminate infinite loops on out-of-bounds transfer start", - "refsource" : "MLIST", - "url" : "https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg03454.html" - }, - { - "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1298570", - "refsource" : "CONFIRM", - "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1298570" - }, - { - "name" : "DSA-3469", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3469" - }, - { - "name" : "DSA-3470", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3470" - }, - { - "name" : "DSA-3471", - "refsource" : "DEBIAN", - "url" : "http://www.debian.org/security/2016/dsa-3471" - }, - { - "name" : "GLSA-201604-01", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201604-01" - }, - { - "name" : "RHSA-2016:2585", - "refsource" : "REDHAT", - "url" : "http://rhn.redhat.com/errata/RHSA-2016-2585.html" - }, - { - "name" : "81549", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/81549" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "QEMU (aka Quick Emulator) built with the e1000 NIC emulation support is vulnerable to an infinite loop issue. It could occur while processing data via transmit or receive descriptors, provided the initial receive/transmit descriptor head (TDH/RDH) is set outside the allocated descriptor buffer. A privileged user inside guest could use this flaw to crash the QEMU instance resulting in DoS." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "[qemu-devel] 20160119 [PATCH] e1000: eliminate infinite loops on out-of-bounds transfer start", + "refsource": "MLIST", + "url": "https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg03454.html" + }, + { + "name": "GLSA-201604-01", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201604-01" + }, + { + "name": "DSA-3469", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3469" + }, + { + "name": "DSA-3470", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3470" + }, + { + "name": "[oss-security] 20160119 CVE request Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/19/10" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1298570", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1298570" + }, + { + "name": "[oss-security] 20160122 Re: CVE request Qemu: net: e1000 infinite loop in start_xmit and e1000_receive_iov routines", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/22/1" + }, + { + "name": "RHSA-2016:2585", + "refsource": "REDHAT", + "url": "http://rhn.redhat.com/errata/RHSA-2016-2585.html" + }, + { + "name": "DSA-3471", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3471" + }, + { + "name": "81549", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/81549" + } + ] + } +} \ No newline at end of file diff --git a/2016/5xxx/CVE-2016-5568.json b/2016/5xxx/CVE-2016-5568.json index 045d164d384..f68b738965f 100644 --- a/2016/5xxx/CVE-2016-5568.json +++ b/2016/5xxx/CVE-2016-5568.json @@ -1,87 +1,87 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2016-5568", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2016-5568", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" - }, - { - "name" : "https://security.netapp.com/advisory/ntap-20161019-0001/", - "refsource" : "CONFIRM", - "url" : "https://security.netapp.com/advisory/ntap-20161019-0001/" - }, - { - "name" : "GLSA-201611-04", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201611-04" - }, - { - "name" : "GLSA-201701-43", - "refsource" : "GENTOO", - "url" : "https://security.gentoo.org/glsa/201701-43" - }, - { - "name" : "93621", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/93621" - }, - { - "name" : "1037040", - "refsource" : "SECTRACK", - "url" : "http://www.securitytracker.com/id/1037040" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "93621", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/93621" + }, + { + "name": "https://security.netapp.com/advisory/ntap-20161019-0001/", + "refsource": "CONFIRM", + "url": "https://security.netapp.com/advisory/ntap-20161019-0001/" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html" + }, + { + "name": "GLSA-201701-43", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201701-43" + }, + { + "name": "GLSA-201611-04", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201611-04" + }, + { + "name": "1037040", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1037040" + } + ] + } +} \ No newline at end of file diff --git a/2018/2xxx/CVE-2018-2832.json b/2018/2xxx/CVE-2018-2832.json index e7129128a32..6caae8bc9fd 100644 --- a/2018/2xxx/CVE-2018-2832.json +++ b/2018/2xxx/CVE-2018-2832.json @@ -1,68 +1,68 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secalert_us@oracle.com", - "ID" : "CVE-2018-2832", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "GoldenGate", - "version" : { - "version_data" : [ - { - "version_affected" : "=", - "version_value" : "12.2.0.1" - } - ] - } - } - ] - }, - "vendor_name" : "Oracle Corporation" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate. The supported version that is affected is 12.2.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle GoldenGate accessible data. CVSS 3.0 Base Score 8.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle GoldenGate accessible data." - } + "CVE_data_meta": { + "ASSIGNER": "secalert_us@oracle.com", + "ID": "CVE-2018-2832", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "GoldenGate", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.2.0.1" + } + ] + } + } + ] + }, + "vendor_name": "Oracle Corporation" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", - "refsource" : "CONFIRM", - "url" : "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" - }, - { - "name" : "103843", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/103843" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate. The supported version that is affected is 12.2.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle GoldenGate accessible data. CVSS 3.0 Base Score 8.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle GoldenGate accessible data." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "103843", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/103843" + }, + { + "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", + "refsource": "CONFIRM", + "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0169.json b/2019/0xxx/CVE-2019-0169.json index bf61545a6e4..c5f8fb3cc71 100644 --- a/2019/0xxx/CVE-2019-0169.json +++ b/2019/0xxx/CVE-2019-0169.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0169", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0169", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0592.json b/2019/0xxx/CVE-2019-0592.json index 04149a700c7..d36a49c0625 100644 --- a/2019/0xxx/CVE-2019-0592.json +++ b/2019/0xxx/CVE-2019-0592.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0592", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0592", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0742.json b/2019/0xxx/CVE-2019-0742.json index 19c066da472..9936d5c90eb 100644 --- a/2019/0xxx/CVE-2019-0742.json +++ b/2019/0xxx/CVE-2019-0742.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "secure@microsoft.com", - "ID" : "CVE-2019-0742", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Team Foundation Server 2018", - "version" : { - "version_data" : [ - { - "version_value" : "Update 3.2" - } - ] - } - } - ] - }, - "vendor_name" : "Microsoft" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0743." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Spoofing" - } + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2019-0742", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Team Foundation Server 2018", + "version": { + "version_data": [ + { + "version_value": "Update 3.2" + } + ] + } + } + ] + }, + "vendor_name": "Microsoft" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0742", - "refsource" : "CONFIRM", - "url" : "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0742" - }, - { - "name" : "106967", - "refsource" : "BID", - "url" : "http://www.securityfocus.com/bid/106967" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0743." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Spoofing" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0742", + "refsource": "CONFIRM", + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0742" + }, + { + "name": "106967", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/106967" + } + ] + } +} \ No newline at end of file diff --git a/2019/0xxx/CVE-2019-0969.json b/2019/0xxx/CVE-2019-0969.json index 23abccf38b0..a836b22297d 100644 --- a/2019/0xxx/CVE-2019-0969.json +++ b/2019/0xxx/CVE-2019-0969.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-0969", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-0969", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1418.json b/2019/1xxx/CVE-2019-1418.json index 17ddc8fb8a0..31af3b94797 100644 --- a/2019/1xxx/CVE-2019-1418.json +++ b/2019/1xxx/CVE-2019-1418.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1418", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1418", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1469.json b/2019/1xxx/CVE-2019-1469.json index 63e4fbaa5b2..e8ace2416de 100644 --- a/2019/1xxx/CVE-2019-1469.json +++ b/2019/1xxx/CVE-2019-1469.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1469", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1469", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1518.json b/2019/1xxx/CVE-2019-1518.json index f36f735b9c9..2b336aa56f9 100644 --- a/2019/1xxx/CVE-2019-1518.json +++ b/2019/1xxx/CVE-2019-1518.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1518", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1518", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/1xxx/CVE-2019-1791.json b/2019/1xxx/CVE-2019-1791.json index 55887c3e851..7db1c1f9fbe 100644 --- a/2019/1xxx/CVE-2019-1791.json +++ b/2019/1xxx/CVE-2019-1791.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-1791", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-1791", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4071.json b/2019/4xxx/CVE-2019-4071.json index 6dfa7d084f8..13a48efa5bf 100644 --- a/2019/4xxx/CVE-2019-4071.json +++ b/2019/4xxx/CVE-2019-4071.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4071", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4071", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4307.json b/2019/4xxx/CVE-2019-4307.json index 0a88108b9fb..743481ef027 100644 --- a/2019/4xxx/CVE-2019-4307.json +++ b/2019/4xxx/CVE-2019-4307.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4307", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4307", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4329.json b/2019/4xxx/CVE-2019-4329.json index 22d4e5b8866..62568700111 100644 --- a/2019/4xxx/CVE-2019-4329.json +++ b/2019/4xxx/CVE-2019-4329.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4329", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4329", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/4xxx/CVE-2019-4474.json b/2019/4xxx/CVE-2019-4474.json index 5a3e4699557..defeb31ce20 100644 --- a/2019/4xxx/CVE-2019-4474.json +++ b/2019/4xxx/CVE-2019-4474.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-4474", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-4474", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5068.json b/2019/5xxx/CVE-2019-5068.json index 7e31d387c82..6827457caf7 100644 --- a/2019/5xxx/CVE-2019-5068.json +++ b/2019/5xxx/CVE-2019-5068.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5068", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5068", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/5xxx/CVE-2019-5937.json b/2019/5xxx/CVE-2019-5937.json index 4eda40b7150..a8b8c56e83f 100644 --- a/2019/5xxx/CVE-2019-5937.json +++ b/2019/5xxx/CVE-2019-5937.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-5937", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-5937", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/8xxx/CVE-2019-8962.json b/2019/8xxx/CVE-2019-8962.json index daacaaf0d01..64f1563d111 100644 --- a/2019/8xxx/CVE-2019-8962.json +++ b/2019/8xxx/CVE-2019-8962.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-8962", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-8962", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9012.json b/2019/9xxx/CVE-2019-9012.json index 8f4c4541fa2..f6dc1d1a391 100644 --- a/2019/9xxx/CVE-2019-9012.json +++ b/2019/9xxx/CVE-2019-9012.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9012", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9012", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9101.json b/2019/9xxx/CVE-2019-9101.json index 3daa8217d78..e5da388d061 100644 --- a/2019/9xxx/CVE-2019-9101.json +++ b/2019/9xxx/CVE-2019-9101.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9101", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9101", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9260.json b/2019/9xxx/CVE-2019-9260.json index cfc8072b823..9a0b48267f2 100644 --- a/2019/9xxx/CVE-2019-9260.json +++ b/2019/9xxx/CVE-2019-9260.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9260", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9260", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9303.json b/2019/9xxx/CVE-2019-9303.json index 5ce553fb24e..49a9fc6da6e 100644 --- a/2019/9xxx/CVE-2019-9303.json +++ b/2019/9xxx/CVE-2019-9303.json @@ -1,18 +1,18 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9303", - "STATE" : "RESERVED" - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9303", + "STATE": "RESERVED" + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2019/9xxx/CVE-2019-9776.json b/2019/9xxx/CVE-2019-9776.json index b97c67f6150..0b1a5c4b788 100644 --- a/2019/9xxx/CVE-2019-9776.json +++ b/2019/9xxx/CVE-2019-9776.json @@ -1,67 +1,67 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", - "ID" : "CVE-2019-9776", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "n/a", - "version" : { - "version_data" : [ - { - "version_value" : "n/a" - } - ] - } - } - ] - }, - "vendor_name" : "n/a" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779)." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "n/a" - } + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2019-9776", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "name" : "https://github.com/LibreDWG/libredwg/issues/99", - "refsource" : "MISC", - "url" : "https://github.com/LibreDWG/libredwg/issues/99" - }, - { - "name" : "https://savannah.gnu.org/bugs/index.php?55893", - "refsource" : "MISC", - "url" : "https://savannah.gnu.org/bugs/index.php?55893" - } - ] - } -} + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a NULL pointer dereference in the function dwg_dxf_LTYPE at dwg.spec (later than CVE-2019-9779)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://savannah.gnu.org/bugs/index.php?55893", + "refsource": "MISC", + "url": "https://savannah.gnu.org/bugs/index.php?55893" + }, + { + "name": "https://github.com/LibreDWG/libredwg/issues/99", + "refsource": "MISC", + "url": "https://github.com/LibreDWG/libredwg/issues/99" + } + ] + } +} \ No newline at end of file