diff --git a/2024/53xxx/CVE-2024-53354.json b/2024/53xxx/CVE-2024-53354.json index 4ae94b8beb5..d5c78c5e230 100644 --- a/2024/53xxx/CVE-2024-53354.json +++ b/2024/53xxx/CVE-2024-53354.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to SQL Injection." + "value": "Multiple SQL injection vulnerabilities in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote authenticated attackers to execute arbitrary SQL commands via the (1) user parameter to /api/management/findfilterlist; the (2) user or (3) filter parameter to /api/audit/findmetawatcher; the (4) user parameter to /api/audit/findmetaalert; the (5) user parameter to /api/management/ds; the (6) user or (7) filter parameter to /api/audit/findmetarunalert; the (7) user parameter to /api/management/findtimeview; the (8) user, (9) filter or (10) target parameter to /api/management/getihmsettings; the (11) user or (12) filter parameter to /api/management/elementstype; the (14) login, (15) user, (16) is_local, (17) is_ldap, or (18) is_openid parameter to /api/user/addalias; the (19) role parameter to /api/user/addrole; the (20) user or (21) filter parameter to /api/management/addtimeview; the (22) TIMEAGO, (23) IDENTIFIER, (24) USER, (25) NAME, or (26) COST parameter to /api/management/addtagcosts; the (27) USER, or (28) VM_COST parameter to /api/management/updategenericcpucost; the (29) VM, (30) HOST, or (31) STORAGE parameter to /api/management/updatecostinfo; the (32) user, (33) filter, or (34) timeago parameter to /api/management/addfilter; the (35) user parameter to /api/report/getreporthistory." } ] }, diff --git a/2024/53xxx/CVE-2024-53355.json b/2024/53xxx/CVE-2024-53355.json index 73fcfd91893..4bbf14fcb69 100644 --- a/2024/53xxx/CVE-2024-53355.json +++ b/2024/53xxx/CVE-2024-53355.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to Incorrect Access Control. This vulnerability allows the api to be used to create/modify/delete information about aliases (users) / users (groups) / roles." + "value": "Multiple incorrect access control issues in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote authenticated attackers, with low privileges, to (1) add an admin user via the /api/user/addalias route; (2) modifiy a user via the /api/user/updatealias route; (4) delete users via the /api/user/delalias route; (4) get users via the /api/user/aliases route; (5) add a root group via the /api/user/adduser route; (6) modifiy a group via the /api/user/updateuser route; (7) delete a group via the /api/user/deluser route; (8) get groups via the /api/user/users route; (9) add an admin role via the /api/user/addrole route; (10) modifiy a role via the /api/user/updaterole route; (11) delete a role via the /api/user/delrole route; (12) get roles via the /api/user/roles route." } ] }, diff --git a/2024/53xxx/CVE-2024-53356.json b/2024/53xxx/CVE-2024-53356.json index 5145bb80c25..055bd2fce83 100644 --- a/2024/53xxx/CVE-2024-53356.json +++ b/2024/53xxx/CVE-2024-53356.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to privilege escalation as the password token suffers from weak encryption making it possible to brute-force the password token." + "value": "Weak JWT Secret vulnerabilitiy in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote attackers to generate JWT for privilege escalation. The HMAC secret used for generating tokens is hardcoded as \"somerandomaccesstoken\". A weak HMAC secret poses a risk because attackers can use the predictable secret to create valid JSON Web Tokens (JWTs), allowing them access to important information and actions within the application." } ] }, diff --git a/2024/57xxx/CVE-2024-57587.json b/2024/57xxx/CVE-2024-57587.json index e31fc185309..22709d3ea32 100644 --- a/2024/57xxx/CVE-2024-57587.json +++ b/2024/57xxx/CVE-2024-57587.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to SQL Injection on the authentication portal." + "value": "Multiple SQL injection vulnerabilities in EasyVirt DCScope <= 8.6.0 and CO2Scope <= 1.3.0 allows remote unauthenticated attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to /api/auth/login." } ] }, diff --git a/2024/7xxx/CVE-2024-7425.json b/2024/7xxx/CVE-2024-7425.json index 74a6cec1ccf..8e3240c4886 100644 --- a/2024/7xxx/CVE-2024-7425.json +++ b/2024/7xxx/CVE-2024-7425.json @@ -1,17 +1,85 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-7425", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WP ALL Export Pro plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to improper user input validation and sanitization in all versions up to, and including, 1.9.1. This makes it possible for authenticated attackers, with Shop Manager-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-94 Improper Control of Generation of Code ('Code Injection')", + "cweId": "CWE-94" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "WP All Import", + "product": { + "product_data": [ + { + "product_name": "WP All Export Pro", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "1.9.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c9205896-487d-4b8f-84cf-7ba16e1205e3?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c9205896-487d-4b8f-84cf-7ba16e1205e3?source=cve" + }, + { + "url": "https://www.wpallimport.com/upgrade-to-wp-all-export-pro/", + "refsource": "MISC", + "name": "https://www.wpallimport.com/upgrade-to-wp-all-export-pro/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Francesco Carlucci" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 6.8, + "baseSeverity": "MEDIUM" } ] } diff --git a/2025/1xxx/CVE-2025-1104.json b/2025/1xxx/CVE-2025-1104.json index ba53fbb5e2c..7fec09955c2 100644 --- a/2025/1xxx/CVE-2025-1104.json +++ b/2025/1xxx/CVE-2025-1104.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-1104", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This vulnerability affects unknown code. The manipulation leads to authentication bypass by spoofing. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "In D-Link DHP-W310AV 1.04 wurde eine kritische Schwachstelle gefunden. Hierbei betrifft es unbekannten Programmcode. Mit der Manipulation mit unbekannten Daten kann eine authentication bypass by spoofing-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Authentication Bypass by Spoofing", + "cweId": "CWE-290" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Improper Authentication", + "cweId": "CWE-287" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "D-Link", + "product": { + "product_data": [ + { + "product_name": "DHP-W310AV", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.04" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.294934", + "refsource": "MISC", + "name": "https://vuldb.com/?id.294934" + }, + { + "url": "https://vuldb.com/?ctiid.294934", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.294934" + }, + { + "url": "https://vuldb.com/?submit.489958", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.489958" + }, + { + "url": "https://github.com/kn1g78/cve/blob/main/dlink.md", + "refsource": "MISC", + "name": "https://github.com/kn1g78/cve/blob/main/dlink.md" + }, + { + "url": "https://www.dlink.com/", + "refsource": "MISC", + "name": "https://www.dlink.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "HuangDow (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2025/1xxx/CVE-2025-1113.json b/2025/1xxx/CVE-2025-1113.json new file mode 100644 index 00000000000..f45ae722730 --- /dev/null +++ b/2025/1xxx/CVE-2025-1113.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1113", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1114.json b/2025/1xxx/CVE-2025-1114.json new file mode 100644 index 00000000000..72e78e28b0e --- /dev/null +++ b/2025/1xxx/CVE-2025-1114.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1114", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1115.json b/2025/1xxx/CVE-2025-1115.json new file mode 100644 index 00000000000..5cbf02860a7 --- /dev/null +++ b/2025/1xxx/CVE-2025-1115.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1115", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1116.json b/2025/1xxx/CVE-2025-1116.json new file mode 100644 index 00000000000..26b10ee4e73 --- /dev/null +++ b/2025/1xxx/CVE-2025-1116.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1116", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1117.json b/2025/1xxx/CVE-2025-1117.json new file mode 100644 index 00000000000..bb777fd2c22 --- /dev/null +++ b/2025/1xxx/CVE-2025-1117.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1117", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1118.json b/2025/1xxx/CVE-2025-1118.json new file mode 100644 index 00000000000..6b002de5981 --- /dev/null +++ b/2025/1xxx/CVE-2025-1118.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1118", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file