diff --git a/2024/37xxx/CVE-2024-37917.json b/2024/37xxx/CVE-2024-37917.json index cddf8b8365c..8788d7179fc 100644 --- a/2024/37xxx/CVE-2024-37917.json +++ b/2024/37xxx/CVE-2024-37917.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-37917", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-37917", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Pexip Infinity before 35.0 has improper input validation that allows remote attackers to trigger a denial of service (software abort) via a crafted signalling message." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://docs.pexip.com/admin/security_bulletins.htm", + "refsource": "MISC", + "name": "https://docs.pexip.com/admin/security_bulletins.htm" } ] } diff --git a/2025/22xxx/CVE-2025-22923.json b/2025/22xxx/CVE-2025-22923.json index 9020d10d13d..de96e31bf78 100644 --- a/2025/22xxx/CVE-2025-22923.json +++ b/2025/22xxx/CVE-2025-22923.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-22923", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-22923", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal and delete files by sending a crafted POST request to /Modules.php?modname=users/Staff.php&removefile." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/OS4ED/openSIS-Classic", + "refsource": "MISC", + "name": "https://github.com/OS4ED/openSIS-Classic" + }, + { + "refsource": "MISC", + "name": "https://github.com/esusalla/vulnerability-research/tree/main/CVE-2025-22923", + "url": "https://github.com/esusalla/vulnerability-research/tree/main/CVE-2025-22923" } ] } diff --git a/2025/22xxx/CVE-2025-22924.json b/2025/22xxx/CVE-2025-22924.json index ff08f3c1054..c1c4aa17c70 100644 --- a/2025/22xxx/CVE-2025-22924.json +++ b/2025/22xxx/CVE-2025-22924.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-22924", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-22924", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OS4ED openSIS v7.0 through v9.1 contains a SQL injection vulnerability via the stu_id parameter at /modules/students/Student.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/OS4ED/openSIS-Classic", + "refsource": "MISC", + "name": "https://github.com/OS4ED/openSIS-Classic" + }, + { + "refsource": "MISC", + "name": "https://github.com/esusalla/vulnerability-research/tree/main/CVE-2025-22924", + "url": "https://github.com/esusalla/vulnerability-research/tree/main/CVE-2025-22924" } ] } diff --git a/2025/22xxx/CVE-2025-22925.json b/2025/22xxx/CVE-2025-22925.json index a1ace5a0eb8..75e501b5e9f 100644 --- a/2025/22xxx/CVE-2025-22925.json +++ b/2025/22xxx/CVE-2025-22925.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-22925", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-22925", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the table parameter at /attendance/AttendanceCodes.php. The remote, authenticated attacker requires the admin role to successfully exploit this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/OS4ED/openSIS-Classic", + "refsource": "MISC", + "name": "https://github.com/OS4ED/openSIS-Classic" + }, + { + "refsource": "MISC", + "name": "https://github.com/esusalla/vulnerability-research/tree/main/CVE-2025-22925", + "url": "https://github.com/esusalla/vulnerability-research/tree/main/CVE-2025-22925" } ] } diff --git a/2025/29xxx/CVE-2025-29719.json b/2025/29xxx/CVE-2025-29719.json index 12712598027..254bf1e310f 100644 --- a/2025/29xxx/CVE-2025-29719.json +++ b/2025/29xxx/CVE-2025-29719.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-29719", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-29719", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SourceCodester (rems) Employee Management System 1.0 is vulnerable to Cross Site Scripting (XSS) in add_employee.php via the First Name and Address text fields." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.sourcecodester.com/php/17847/employee-management-system-using-php-and-mysql-source-code.html", + "refsource": "MISC", + "name": "https://www.sourcecodester.com/php/17847/employee-management-system-using-php-and-mysql-source-code.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/sw8y/vulnerability_research/blob/main/CVE-2025-29719/CVE-2025-29719.md", + "url": "https://github.com/sw8y/vulnerability_research/blob/main/CVE-2025-29719/CVE-2025-29719.md" } ] } diff --git a/2025/30xxx/CVE-2025-30080.json b/2025/30xxx/CVE-2025-30080.json index 0a40b64df16..a8dc1e604cd 100644 --- a/2025/30xxx/CVE-2025-30080.json +++ b/2025/30xxx/CVE-2025-30080.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-30080", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-30080", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Signalling in Pexip Infinity 29 through 36.2 before 37.0 has improper input validation that allows remote attackers to trigger a temporary denial of service (software abort)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://docs.pexip.com/admin/security_bulletins.htm", + "refsource": "MISC", + "name": "https://docs.pexip.com/admin/security_bulletins.htm" } ] }