From 1ccde2e79b0dd79cb36c77d6a8873419fdf05bcd Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 23 Apr 2025 03:00:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2025/1xxx/CVE-2025-1021.json | 106 +++++++++++++++++++++++++++++++-- 2025/31xxx/CVE-2025-31934.json | 18 ++++++ 2025/36xxx/CVE-2025-36509.json | 18 ++++++ 2025/36xxx/CVE-2025-36551.json | 18 ++++++ 2025/36xxx/CVE-2025-36554.json | 18 ++++++ 2025/41xxx/CVE-2025-41434.json | 18 ++++++ 2025/41xxx/CVE-2025-41440.json | 18 ++++++ 2025/46xxx/CVE-2025-46216.json | 8 +-- 2025/46xxx/CVE-2025-46217.json | 8 +-- 2025/46xxx/CVE-2025-46218.json | 8 +-- 2025/46xxx/CVE-2025-46219.json | 8 +-- 2025/46xxx/CVE-2025-46220.json | 8 +-- 2025/46xxx/CVE-2025-46221.json | 8 +-- 2025/46xxx/CVE-2025-46353.json | 18 ++++++ 2025/46xxx/CVE-2025-46356.json | 18 ++++++ 2025/46xxx/CVE-2025-46357.json | 18 ++++++ 2025/46xxx/CVE-2025-46360.json | 18 ++++++ 2025/46xxx/CVE-2025-46361.json | 18 ++++++ 18 files changed, 324 insertions(+), 28 deletions(-) create mode 100644 2025/31xxx/CVE-2025-31934.json create mode 100644 2025/36xxx/CVE-2025-36509.json create mode 100644 2025/36xxx/CVE-2025-36551.json create mode 100644 2025/36xxx/CVE-2025-36554.json create mode 100644 2025/41xxx/CVE-2025-41434.json create mode 100644 2025/41xxx/CVE-2025-41440.json create mode 100644 2025/46xxx/CVE-2025-46353.json create mode 100644 2025/46xxx/CVE-2025-46356.json create mode 100644 2025/46xxx/CVE-2025-46357.json create mode 100644 2025/46xxx/CVE-2025-46360.json create mode 100644 2025/46xxx/CVE-2025-46361.json diff --git a/2025/1xxx/CVE-2025-1021.json b/2025/1xxx/CVE-2025-1021.json index 4ccb7b3c9d2..90e73e9c6b0 100644 --- a/2025/1xxx/CVE-2025-1021.json +++ b/2025/1xxx/CVE-2025-1021.json @@ -1,17 +1,115 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-1021", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@synology.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Missing authorization vulnerability in synocopy in Synology DiskStation Manager (DSM) before 7.1.1-42962-8, 7.2.1-69057-7 and 7.2.2-72806-3 allows remote attackers to read arbitrary files via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Synology", + "product": { + "product_data": [ + { + "product_name": "DiskStation Manager (DSM)", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "7.2.2", + "status": "affected", + "lessThan": "7.2.2-72806-3", + "versionType": "semver" + }, + { + "version": "7.2.1", + "status": "affected", + "lessThan": "7.2.1-69057-7", + "versionType": "semver" + }, + { + "version": "7.1", + "status": "affected", + "lessThan": "7.1.1-42962-8", + "versionType": "semver" + }, + { + "version": "0", + "status": "unknown", + "lessThan": "7.1", + "versionType": "semver" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.synology.com/en-global/security/advisory/Synology_SA_25_03", + "refsource": "MISC", + "name": "https://www.synology.com/en-global/security/advisory/Synology_SA_25_03" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "DEVCORE Research Team (https://devco.re/)" + } + ], + "impact": { + "cvss": [ + { + "baseScore": 7.5, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "version": "3.1" } ] } diff --git a/2025/31xxx/CVE-2025-31934.json b/2025/31xxx/CVE-2025-31934.json new file mode 100644 index 00000000000..f0bee918047 --- /dev/null +++ b/2025/31xxx/CVE-2025-31934.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-31934", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/36xxx/CVE-2025-36509.json b/2025/36xxx/CVE-2025-36509.json new file mode 100644 index 00000000000..40574bcb8c8 --- /dev/null +++ b/2025/36xxx/CVE-2025-36509.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-36509", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/36xxx/CVE-2025-36551.json b/2025/36xxx/CVE-2025-36551.json new file mode 100644 index 00000000000..0369e50a192 --- /dev/null +++ b/2025/36xxx/CVE-2025-36551.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-36551", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/36xxx/CVE-2025-36554.json b/2025/36xxx/CVE-2025-36554.json new file mode 100644 index 00000000000..dc5a66459d4 --- /dev/null +++ b/2025/36xxx/CVE-2025-36554.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-36554", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/41xxx/CVE-2025-41434.json b/2025/41xxx/CVE-2025-41434.json new file mode 100644 index 00000000000..874d0ae50bc --- /dev/null +++ b/2025/41xxx/CVE-2025-41434.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-41434", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/41xxx/CVE-2025-41440.json b/2025/41xxx/CVE-2025-41440.json new file mode 100644 index 00000000000..9d0cdd74f3a --- /dev/null +++ b/2025/41xxx/CVE-2025-41440.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-41440", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/46xxx/CVE-2025-46216.json b/2025/46xxx/CVE-2025-46216.json index 8caa75c6f51..6752a07e4f8 100644 --- a/2025/46xxx/CVE-2025-46216.json +++ b/2025/46xxx/CVE-2025-46216.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-46216", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@fortinet.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** Not used" } ] } diff --git a/2025/46xxx/CVE-2025-46217.json b/2025/46xxx/CVE-2025-46217.json index f3a840a22e0..576221c583c 100644 --- a/2025/46xxx/CVE-2025-46217.json +++ b/2025/46xxx/CVE-2025-46217.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-46217", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@fortinet.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** Not used" } ] } diff --git a/2025/46xxx/CVE-2025-46218.json b/2025/46xxx/CVE-2025-46218.json index 8f5362bec2f..4a1a74ed8e2 100644 --- a/2025/46xxx/CVE-2025-46218.json +++ b/2025/46xxx/CVE-2025-46218.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-46218", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@fortinet.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** Not used" } ] } diff --git a/2025/46xxx/CVE-2025-46219.json b/2025/46xxx/CVE-2025-46219.json index 01896f00941..a51415a5c03 100644 --- a/2025/46xxx/CVE-2025-46219.json +++ b/2025/46xxx/CVE-2025-46219.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-46219", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@fortinet.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** Not used" } ] } diff --git a/2025/46xxx/CVE-2025-46220.json b/2025/46xxx/CVE-2025-46220.json index 7a293e79886..6e8123e2d2b 100644 --- a/2025/46xxx/CVE-2025-46220.json +++ b/2025/46xxx/CVE-2025-46220.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-46220", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@fortinet.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** Not used" } ] } diff --git a/2025/46xxx/CVE-2025-46221.json b/2025/46xxx/CVE-2025-46221.json index 95453356524..462f4d39f81 100644 --- a/2025/46xxx/CVE-2025-46221.json +++ b/2025/46xxx/CVE-2025-46221.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-46221", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@fortinet.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** Not used" } ] } diff --git a/2025/46xxx/CVE-2025-46353.json b/2025/46xxx/CVE-2025-46353.json new file mode 100644 index 00000000000..db1a5e5cf5e --- /dev/null +++ b/2025/46xxx/CVE-2025-46353.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-46353", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/46xxx/CVE-2025-46356.json b/2025/46xxx/CVE-2025-46356.json new file mode 100644 index 00000000000..19fb41d031c --- /dev/null +++ b/2025/46xxx/CVE-2025-46356.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-46356", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/46xxx/CVE-2025-46357.json b/2025/46xxx/CVE-2025-46357.json new file mode 100644 index 00000000000..993f65782b9 --- /dev/null +++ b/2025/46xxx/CVE-2025-46357.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-46357", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/46xxx/CVE-2025-46360.json b/2025/46xxx/CVE-2025-46360.json new file mode 100644 index 00000000000..bbd46b1e0ae --- /dev/null +++ b/2025/46xxx/CVE-2025-46360.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-46360", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/46xxx/CVE-2025-46361.json b/2025/46xxx/CVE-2025-46361.json new file mode 100644 index 00000000000..bce709e3b5e --- /dev/null +++ b/2025/46xxx/CVE-2025-46361.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-46361", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file