admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-04-18 14:00:33 +00:00
parent 0ead29e050
commit 257444d7e0
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
12 changed files with 303 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
2024/11xxx/CVE-2024-11421.json
View File

@ -1,17 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11421",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The developer has disputed this as a vulnerability. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage."
}
]
}

2
2024/50xxx/CVE-2024-50960.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "A command injection vulnerability in the Nmap diagnostic tool in the admin web console of Extron SMP 111 <=3.01, SMP 351 <=2.16, and SMP 352 <= 2.16 allows a remote authenticated attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system."
"value": "A command injection vulnerability in the Nmap diagnostic tool in the admin web console of Extron SMP 111 <=3.01, SMP 351 <=2.16, SMP 352 <= 2.16, and SME 211 <= 3.02, allows a remote authenticated attacker to execute arbitrary commands as root on the underlying operating system."
}
]
},

35
2024/53xxx/CVE-2024-53204.json
View File

@ -41,6 +41,11 @@
{
"version_affected": "<",
"version_name": "adda6e82a7de7d6d478f6c8ef127f0ac51c510a1",
"version_value": "e27877990e54bfe4246dd850f7ec8646c999ce58"
},
{
"version_affected": "<",
"version_name": "b48415afe5fd7e6f5912d4c45720217b77d8e7ea",
"version_value": "48d52d3168749e10c1c37cd4ceccd18625851741"
},
{
@ -51,12 +56,28 @@
"version": "6.6",
"status": "affected"
},
{
"version": "6.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.4",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.7",
"lessThan": "6.9",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.11.11",
"lessThanOrEqual": "6.11.*",
@ -70,7 +91,7 @@
"versionType": "semver"
},
{
"version": "6.13-rc1",
"version": "6.13",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
@ -90,6 +111,16 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/e27877990e54bfe4246dd850f7ec8646c999ce58",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e27877990e54bfe4246dd850f7ec8646c999ce58"
},
{
"url": "https://git.kernel.org/stable/c/258ea41c926b7b3a16d0d7aa210a1401c4a1601b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/258ea41c926b7b3a16d0d7aa210a1401c4a1601b"
},
{
"url": "https://git.kernel.org/stable/c/48d52d3168749e10c1c37cd4ceccd18625851741",
"refsource": "MISC",
@ -108,6 +139,6 @@
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
"engine": "bippy-1.1.0"
}
}

35
2024/53xxx/CVE-2024-53205.json
View File

@ -41,6 +41,11 @@
{
"version_affected": "<",
"version_name": "134e6d25f6bd06071e5aac0a7eefcea6f7713955",
"version_value": "7e2cde1813418b39b5e95d86e10d6701dccf18af"
},
{
"version_affected": "<",
"version_name": "eeda494542e55b603c7b80e14bfc5ee4ab7f9814",
"version_value": "0b398b6b6c94315fd2ce3658e3cee96539dbd7b7"
},
{
@ -51,12 +56,28 @@
"version": "6.6",
"status": "affected"
},
{
"version": "6.9",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.6",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.4",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.7",
"lessThan": "6.9",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.11.11",
"lessThanOrEqual": "6.11.*",
@ -70,7 +91,7 @@
"versionType": "semver"
},
{
"version": "6.13-rc1",
"version": "6.13",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
@ -90,6 +111,16 @@
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/7e2cde1813418b39b5e95d86e10d6701dccf18af",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7e2cde1813418b39b5e95d86e10d6701dccf18af"
},
{
"url": "https://git.kernel.org/stable/c/7a784bcdd7e54f0599da3b2360e472238412623e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7a784bcdd7e54f0599da3b2360e472238412623e"
},
{
"url": "https://git.kernel.org/stable/c/0b398b6b6c94315fd2ce3658e3cee96539dbd7b7",
"refsource": "MISC",
@ -108,6 +139,6 @@
]
},
"generator": {
"engine": "bippy-5f407fcff5a0"
"engine": "bippy-1.1.0"
}
}

5
2025/25xxx/CVE-2025-25948.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-53637",
"refsource": "MISC",
"name": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-53637"
},
{
"refsource": "MISC",
"name": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25948",
"url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25948"
}
]
}

5
2025/25xxx/CVE-2025-25949.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89636",
"refsource": "MISC",
"name": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89636"
},
{
"refsource": "MISC",
"name": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25949",
"url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25949"
}
]
}

5
2025/25xxx/CVE-2025-25950.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89637",
"refsource": "MISC",
"name": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89637"
},
{
"refsource": "MISC",
"name": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25950",
"url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25950"
}
]
}

5
2025/25xxx/CVE-2025-25951.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89638",
"refsource": "MISC",
"name": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89638"
},
{
"refsource": "MISC",
"name": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25951",
"url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25951"
}
]
}

2
2025/32xxx/CVE-2025-32790.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Dify is an open-source LLM app development platform. In versions 0.6.8 and prior, a vulnerability was identified in the DIFY AI where normal users are improperly granted permissions to export APP DSL. The feature in '/export' should only allow administrator users to export DSL. A patched version has not been released. A workaround for this vulnerability involves updating the access control mechanisms to enforce stricter user role permissions and implementing role-based access controls (RBAC) to ensure that only users with admin privileges can export the APP DSL. This vulnerability is fixed in 0.6.13."
"value": "Dify is an open-source LLM app development platform. In versions 0.6.8 and prior, a vulnerability was identified in the DIFY AI where normal users are improperly granted permissions to export APP DSL. The feature in '/export' should only allow administrator users to export DSL. A workaround for this vulnerability involves updating the access control mechanisms to enforce stricter user role permissions and implementing role-based access controls (RBAC) to ensure that only users with admin privileges can export the APP DSL. This vulnerability is fixed in 0.6.13."
}
]
},

109
2025/3xxx/CVE-2025-3790.json
View File

@ -1,17 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-3790",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as critical has been found in baseweb JSite 1.0. This affects an unknown part of the file /druid/index.html of the component Apache Druid Monitoring Console. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in baseweb JSite 1.0 entdeckt. Sie wurde als kritisch eingestuft. Dabei betrifft es einen unbekannter Codeteil der Datei /druid/index.html der Komponente Apache Druid Monitoring Console. Dank der Manipulation mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Controls",
"cweId": "CWE-284"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Incorrect Privilege Assignment",
"cweId": "CWE-266"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "baseweb",
"product": {
"product_data": [
{
"product_name": "JSite",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.305613",
"refsource": "MISC",
"name": "https://vuldb.com/?id.305613"
},
{
"url": "https://vuldb.com/?ctiid.305613",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.305613"
},
{
"url": "https://vuldb.com/?submit.554572",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.554572"
},
{
"url": "https://github.com/caigo8/CVE-md/blob/main/JSite/durid%E6%9C%AA%E6%8E%88%E6%9D%83.md",
"refsource": "MISC",
"name": "https://github.com/caigo8/CVE-md/blob/main/JSite/durid%E6%9C%AA%E6%8E%88%E6%9D%83.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "Caigo (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N"
}
]
}

18
2025/3xxx/CVE-2025-3794.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-3794",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

92
2025/40xxx/CVE-2025-40364.json
View File

@ -1,18 +1,102 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-40364",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: fix io_req_prep_async with provided buffers\n\nio_req_prep_async() can import provided buffers, commit the ring state\nby giving up on that before, it'll be reimported later if needed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "c7fb19428d67dd0a2a78a4f237af01d39c78dc5a",
"version_value": "a1b17713b32c75a90132ea2f92b1257f3bbc20f3"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.19",
"status": "affected"
},
{
"version": "0",
"lessThan": "5.19",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.129",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.78",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/a1b17713b32c75a90132ea2f92b1257f3bbc20f3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a1b17713b32c75a90132ea2f92b1257f3bbc20f3"
},
{
"url": "https://git.kernel.org/stable/c/a94592ec30ff67dc36c424327f1e0a9ceeeb9bd3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a94592ec30ff67dc36c424327f1e0a9ceeeb9bd3"
}
]
},
"generator": {
"engine": "bippy-1.1.0"
}
}