From 2e5e5e7c578dec805324e0ceb6a5478189e83919 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 18 Feb 2025 20:00:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/13xxx/CVE-2024-13886.json | 18 +++++ 2024/45xxx/CVE-2024-45775.json | 124 +++++++++++++++++++++++++++++++-- 2024/45xxx/CVE-2024-45776.json | 124 +++++++++++++++++++++++++++++++-- 2024/45xxx/CVE-2024-45781.json | 123 ++++++++++++++++++++++++++++++-- 2024/45xxx/CVE-2024-45783.json | 124 +++++++++++++++++++++++++++++++-- 2024/56xxx/CVE-2024-56000.json | 113 ++++++++++++++++++++++++++++-- 2025/0xxx/CVE-2025-0622.json | 124 +++++++++++++++++++++++++++++++-- 2025/1xxx/CVE-2025-1354.json | 2 +- 2025/1xxx/CVE-2025-1455.json | 18 +++++ 2025/1xxx/CVE-2025-1456.json | 18 +++++ 2025/22xxx/CVE-2025-22639.json | 85 ++++++++++++++++++++-- 2025/22xxx/CVE-2025-22645.json | 85 ++++++++++++++++++++-- 2025/22xxx/CVE-2025-22650.json | 85 ++++++++++++++++++++-- 2025/22xxx/CVE-2025-22654.json | 85 ++++++++++++++++++++-- 2025/22xxx/CVE-2025-22656.json | 85 ++++++++++++++++++++-- 2025/22xxx/CVE-2025-22657.json | 113 ++++++++++++++++++++++++++++-- 2025/22xxx/CVE-2025-22663.json | 113 ++++++++++++++++++++++++++++-- 2025/26xxx/CVE-2025-26603.json | 81 +++++++++++++++++++-- 2025/26xxx/CVE-2025-26604.json | 81 +++++++++++++++++++-- 2025/26xxx/CVE-2025-26623.json | 63 +++++++++++++++-- 2025/27xxx/CVE-2025-27013.json | 113 ++++++++++++++++++++++++++++-- 2025/27xxx/CVE-2025-27016.json | 85 ++++++++++++++++++++-- 22 files changed, 1789 insertions(+), 73 deletions(-) create mode 100644 2024/13xxx/CVE-2024-13886.json create mode 100644 2025/1xxx/CVE-2025-1455.json create mode 100644 2025/1xxx/CVE-2025-1456.json diff --git a/2024/13xxx/CVE-2024-13886.json b/2024/13xxx/CVE-2024-13886.json new file mode 100644 index 00000000000..2f16bcd6946 --- /dev/null +++ b/2024/13xxx/CVE-2024-13886.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13886", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/45xxx/CVE-2024-45775.json b/2024/45xxx/CVE-2024-45775.json index a285f3fe79a..0f0b99c2a72 100644 --- a/2024/45xxx/CVE-2024-45775.json +++ b/2024/45xxx/CVE-2024-45775.json @@ -1,17 +1,133 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-45775", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parse_option() function, leading grub to crash or, in some rare scenarios, corrupt the IVT data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Unchecked Return Value", + "cweId": "CWE-252" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Enterprise Linux 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 9", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 4", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-45775", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-45775" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337481", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2337481" + } + ] + }, + "work_around": [ + { + "lang": "en", + "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 5.2, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H", + "version": "3.1" } ] } diff --git a/2024/45xxx/CVE-2024-45776.json b/2024/45xxx/CVE-2024-45776.json index e74c12e75b3..15aab50bbf4 100644 --- a/2024/45xxx/CVE-2024-45776.json +++ b/2024/45xxx/CVE-2024-45776.json @@ -1,17 +1,133 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-45776", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds Write", + "cweId": "CWE-787" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Enterprise Linux 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unaffected" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 9", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 4", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-45776", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-45776" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339182", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2339182" + } + ] + }, + "work_around": [ + { + "lang": "en", + "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/45xxx/CVE-2024-45781.json b/2024/45xxx/CVE-2024-45781.json index df6cafb7a1f..769cc026f0d 100644 --- a/2024/45xxx/CVE-2024-45781.json +++ b/2024/45xxx/CVE-2024-45781.json @@ -1,17 +1,132 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-45781", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Enterprise Linux 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 9", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 4", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-45781", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-45781" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345857", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2345857" + } + ] + }, + "work_around": [ + { + "lang": "en", + "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 6.7, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2024/45xxx/CVE-2024-45783.json b/2024/45xxx/CVE-2024-45783.json index 1e394c45531..34380f421b7 100644 --- a/2024/45xxx/CVE-2024-45783.json +++ b/2024/45xxx/CVE-2024-45783.json @@ -1,17 +1,133 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-45783", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This issue may lead to a NULL pointer access." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Improper Update of Reference Count", + "cweId": "CWE-911" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Enterprise Linux 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 9", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 4", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-45783", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2024-45783" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345863", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2345863" + } + ] + }, + "work_around": [ + { + "lang": "en", + "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 4.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" } ] } diff --git a/2024/56xxx/CVE-2024-56000.json b/2024/56xxx/CVE-2024-56000.json index 2e4e7343cbe..783e97f5709 100644 --- a/2024/56xxx/CVE-2024-56000.json +++ b/2024/56xxx/CVE-2024-56000.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-56000", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect Privilege Assignment vulnerability in NotFound K Elements allows Privilege Escalation. This issue affects K Elements: from n/a through n/a." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-266 Incorrect Privilege Assignment", + "cweId": "CWE-266" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "NotFound", + "product": { + "product_data": [ + { + "product_name": "K Elements", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThan": "5.2.0", + "status": "affected", + "version": "n/a", + "versionType": "custom", + "changes": [ + { + "at": "5.2.0", + "status": "unaffected" + } + ] + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/k-elements/vulnerability/wordpress-k-elements-plugin-5-2-0-unauthenticated-account-takeover-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/k-elements/vulnerability/wordpress-k-elements-plugin-5-2-0-unauthenticated-account-takeover-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress K Elements wordpress plugin to the latest available version (at least 5.2.0)." + } + ], + "value": "Update the WordPress K Elements wordpress plugin to the latest available version (at least 5.2.0)." + } + ], + "credits": [ + { + "lang": "en", + "value": "Rafie Muhammad (Patchstack)" + } + ], + "impact": { + "cvss": [ + { + "baseScore": 9.8, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseSeverity": "CRITICAL", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "version": "3.1" } ] } diff --git a/2025/0xxx/CVE-2025-0622.json b/2025/0xxx/CVE-2025-0622.json index a0c62928a02..a3fc8e0b79d 100644 --- a/2025/0xxx/CVE-2025-0622.json +++ b/2025/0xxx/CVE-2025-0622.json @@ -1,17 +1,133 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-0622", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Red Hat", + "product": { + "product_data": [ + { + "product_name": "Red Hat Enterprise Linux 7", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 8", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "unknown" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 9", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat OpenShift Container Platform 4", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2025-0622", + "refsource": "MISC", + "name": "https://access.redhat.com/security/cve/CVE-2025-0622" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345865", + "refsource": "MISC", + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2345865" + } + ] + }, + "work_around": [ + { + "lang": "en", + "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 6.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2025/1xxx/CVE-2025-1354.json b/2025/1xxx/CVE-2025-1354.json index 0005038a598..60082942748 100644 --- a/2025/1xxx/CVE-2025-1354.json +++ b/2025/1xxx/CVE-2025-1354.json @@ -4,7 +4,7 @@ "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2025-1354", - "ASSIGNER": "cna@vuldb.com", + "ASSIGNER": "security@asus.com", "STATE": "PUBLIC" }, "description": { diff --git a/2025/1xxx/CVE-2025-1455.json b/2025/1xxx/CVE-2025-1455.json new file mode 100644 index 00000000000..67ad7a077c2 --- /dev/null +++ b/2025/1xxx/CVE-2025-1455.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1455", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1456.json b/2025/1xxx/CVE-2025-1456.json new file mode 100644 index 00000000000..f976de594ce --- /dev/null +++ b/2025/1xxx/CVE-2025-1456.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-1456", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/22xxx/CVE-2025-22639.json b/2025/22xxx/CVE-2025-22639.json index 7ba359a6423..25844dbd744 100644 --- a/2025/22xxx/CVE-2025-22639.json +++ b/2025/22xxx/CVE-2025-22639.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-22639", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Distance Rate Shipping for WooCommerce allows Blind SQL Injection. This issue affects Distance Rate Shipping for WooCommerce: from n/a through 1.3.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "NotFound", + "product": { + "product_data": [ + { + "product_name": "Distance Rate Shipping for WooCommerce", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.3.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/distance-rate-shipping-for-woocommerce-pro/vulnerability/wordpress-distance-rate-shipping-for-woocommerce-plugin-1-3-4-sql-injection-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/distance-rate-shipping-for-woocommerce-pro/vulnerability/wordpress-distance-rate-shipping-for-woocommerce-plugin-1-3-4-sql-injection-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Aiden (Th\u00e1i An) (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "baseScore": 8.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "baseSeverity": "HIGH", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "version": "3.1" } ] } diff --git a/2025/22xxx/CVE-2025-22645.json b/2025/22xxx/CVE-2025-22645.json index 0425ed91758..caaddccd130 100644 --- a/2025/22xxx/CVE-2025-22645.json +++ b/2025/22xxx/CVE-2025-22645.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-22645", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Restriction of Excessive Authentication Attempts vulnerability in Rameez Iqbal Real Estate Manager allows Password Brute Forcing. This issue affects Real Estate Manager: from n/a through 7.3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-307 Improper Restriction of Excessive Authentication Attempts", + "cweId": "CWE-307" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Rameez Iqbal", + "product": { + "product_data": [ + { + "product_name": "Real Estate Manager", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "7.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/real-estate-manager/vulnerability/wordpress-real-estate-manager-property-listing-and-agent-management-plugin-7-3-captcha-bypass-vulnerability-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/real-estate-manager/vulnerability/wordpress-real-estate-manager-property-listing-and-agent-management-plugin-7-3-captcha-bypass-vulnerability-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Marek Mikita (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "baseScore": 5.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "version": "3.1" } ] } diff --git a/2025/22xxx/CVE-2025-22650.json b/2025/22xxx/CVE-2025-22650.json index 0106f41e750..9fcf6a70013 100644 --- a/2025/22xxx/CVE-2025-22650.json +++ b/2025/22xxx/CVE-2025-22650.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-22650", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Erez Hadas-Sonnenschein Smartarget allows Stored XSS. This issue affects Smartarget: from n/a through 1.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Erez Hadas-Sonnenschein", + "product": { + "product_data": [ + { + "product_name": "Smartarget", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/smartarget-contact-us/vulnerability/wordpress-smartarget-online-integration-plugin-1-4-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/smartarget-contact-us/vulnerability/wordpress-smartarget-online-integration-plugin-1-4-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "hunter85 (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "baseScore": 6.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseSeverity": "MEDIUM", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "version": "3.1" } ] } diff --git a/2025/22xxx/CVE-2025-22654.json b/2025/22xxx/CVE-2025-22654.json index 19a5578d465..bfac4bcca2b 100644 --- a/2025/22xxx/CVE-2025-22654.json +++ b/2025/22xxx/CVE-2025-22654.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-22654", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in kodeshpa Simplified allows Using Malicious Files. This issue affects Simplified: from n/a through 1.0.6." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-434 Unrestricted Upload of File with Dangerous Type", + "cweId": "CWE-434" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "kodeshpa", + "product": { + "product_data": [ + { + "product_name": "Simplified", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.0.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/simplified/vulnerability/wordpress-simplified-plugin-plugin-1-0-6-arbitrary-file-upload-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/simplified/vulnerability/wordpress-simplified-plugin-plugin-1-0-6-arbitrary-file-upload-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Jo\u00e3o Pedro S Alc\u00e2ntara (Kinorth) (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "baseScore": 10, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseSeverity": "CRITICAL", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "version": "3.1" } ] } diff --git a/2025/22xxx/CVE-2025-22656.json b/2025/22xxx/CVE-2025-22656.json index 64eb14e4fd4..c38f1b8b3cf 100644 --- a/2025/22xxx/CVE-2025-22656.json +++ b/2025/22xxx/CVE-2025-22656.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-22656", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Oscar Alvarez Cookie Monster allows PHP Local File Inclusion. This issue affects Cookie Monster: from n/a through 1.2.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", + "cweId": "CWE-98" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Oscar Alvarez", + "product": { + "product_data": [ + { + "product_name": "Cookie Monster", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.2.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/cookie-monster/vulnerability/wordpress-cookie-monster-plugin-1-2-2-local-file-inclusion-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/cookie-monster/vulnerability/wordpress-cookie-monster-plugin-1-2-2-local-file-inclusion-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "LVT-tholv2k (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "baseScore": 8.1, + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseSeverity": "HIGH", + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "version": "3.1" } ] } diff --git a/2025/22xxx/CVE-2025-22657.json b/2025/22xxx/CVE-2025-22657.json index ffbafd58fe7..653d66feb19 100644 --- a/2025/22xxx/CVE-2025-22657.json +++ b/2025/22xxx/CVE-2025-22657.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-22657", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Missing Authorization vulnerability in Vito Peleg Atarim allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Atarim: from n/a through 4.0.9." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Vito Peleg", + "product": { + "product_data": [ + { + "product_name": "Atarim", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "4.0.9", + "status": "affected", + "version": "n/a", + "versionType": "custom", + "changes": [ + { + "at": "4.1.0", + "status": "unaffected" + } + ] + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/atarim-visual-collaboration/vulnerability/wordpress-atarim-plugin-4-0-9-arbitrary-content-deletion-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/atarim-visual-collaboration/vulnerability/wordpress-atarim-plugin-4-0-9-arbitrary-content-deletion-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress Atarim wordpress plugin to the latest available version (at least 4.1.0)." + } + ], + "value": "Update the WordPress Atarim wordpress plugin to the latest available version (at least 4.1.0)." + } + ], + "credits": [ + { + "lang": "en", + "value": "Mika (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "baseScore": 7.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseSeverity": "HIGH", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "version": "3.1" } ] } diff --git a/2025/22xxx/CVE-2025-22663.json b/2025/22xxx/CVE-2025-22663.json index 125fc963798..4ae466f44ba 100644 --- a/2025/22xxx/CVE-2025-22663.json +++ b/2025/22xxx/CVE-2025-22663.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-22663", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in videowhisper Paid Videochat Turnkey Site allows Path Traversal. This issue affects Paid Videochat Turnkey Site: from n/a through 7.2.12." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "videowhisper", + "product": { + "product_data": [ + { + "product_name": "Paid Videochat Turnkey Site", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "7.2.12", + "status": "affected", + "version": "n/a", + "versionType": "custom", + "changes": [ + { + "at": "7.3", + "status": "unaffected" + } + ] + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ppv-live-webcams/vulnerability/wordpress-paid-videochat-turnkey-site-plugin-7-2-12-arbitrary-file-deletion-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/ppv-live-webcams/vulnerability/wordpress-paid-videochat-turnkey-site-plugin-7-2-12-arbitrary-file-deletion-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress Paid Videochat Turnkey Site wordpress plugin to the latest available version (at least 7.3)." + } + ], + "value": "Update the WordPress Paid Videochat Turnkey Site wordpress plugin to the latest available version (at least 7.3)." + } + ], + "credits": [ + { + "lang": "en", + "value": "muhammad yudha (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "baseScore": 8.6, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", + "baseSeverity": "HIGH", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "version": "3.1" } ] } diff --git a/2025/26xxx/CVE-2025-26603.json b/2025/26xxx/CVE-2025-26603.json index 247fa8349af..5746aee6e9f 100644 --- a/2025/26xxx/CVE-2025-26603.json +++ b/2025/26xxx/CVE-2025-26603.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-26603", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, variables and files. It also allows to show the contents of registers using the `:registers` or `:display` ex command. When redirecting the output of `:display` to a register, Vim will free the register content before storing the new content in the register. Now when redirecting the `:display` command to a register that is being displayed, Vim will free the content while shortly afterwards trying to access it, which leads to a use-after-free. Vim pre 9.1.1115 checks in the ex_display() function, that it does not try to redirect to a register while displaying this register at the same time. However this check is not complete, and so Vim does not check the `+` and `*` registers (which typically donate the X11/clipboard registers, and when a clipboard connection is not possible will fall back to use register 0 instead. In Patch 9.1.1115 Vim will therefore skip outputting to register zero when trying to redirect to the clipboard registers `*` or `+`. Users are advised to upgrade. There are no known workarounds for this vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "vim", + "product": { + "product_data": [ + { + "product_name": "vim", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 9.1.1115" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/vim/vim/security/advisories/GHSA-63p5-mwg2-787v", + "refsource": "MISC", + "name": "https://github.com/vim/vim/security/advisories/GHSA-63p5-mwg2-787v" + }, + { + "url": "https://github.com/vim/vim/commit/c0f0e2380e5954f4a52a131bf6b8", + "refsource": "MISC", + "name": "https://github.com/vim/vim/commit/c0f0e2380e5954f4a52a131bf6b8" + } + ] + }, + "source": { + "advisory": "GHSA-63p5-mwg2-787v", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "LOW", + "baseScore": 4.2, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2025/26xxx/CVE-2025-26604.json b/2025/26xxx/CVE-2025-26604.json index 3092d0199c0..bd9b9fd6ee8 100644 --- a/2025/26xxx/CVE-2025-26604.json +++ b/2025/26xxx/CVE-2025-26604.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-26604", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Discord-Bot-Framework-Kernel is a Discord bot framework built with interactions.py, featuring modular extension management and secure execution. Because of the nature of arbitrary user-submited code execution, this allows user to execute potentially malicious code to perform damage or extract sensitive information. By loading the module containing the following code and run the command, the bot token can be extracted. Then the attacker can load a blocking module to sabotage the bot (DDoS attack) and the token can be used to make the fake bot act as the real one. If the bot has very high privilege, the attacker basically has full control before the user kicks the bot. Any Discord user that hosts Discord-Bot-Framework-Kernel before commit f0d9e70841a0e3170b88c4f8d562018ccd8e8b14 is affected. Users are advised to upgrade. Users unable to upgrade may attempt to limit their discord bot's access via configuration options." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", + "cweId": "CWE-200" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Discord-Agora", + "product": { + "product_data": [ + { + "product_name": "Kernel", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "commits before f0d9e70841a0e3170b88c4f8d562018ccd8e8b14" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Discord-Agora/Kernel/security/advisories/GHSA-87jf-gf75-wwfm", + "refsource": "MISC", + "name": "https://github.com/Discord-Agora/Kernel/security/advisories/GHSA-87jf-gf75-wwfm" + }, + { + "url": "https://github.com/Discord-Agora/Kernel/commit/f0d9e70841a0e3170b88c4f8d562018ccd8e8b14", + "refsource": "MISC", + "name": "https://github.com/Discord-Agora/Kernel/commit/f0d9e70841a0e3170b88c4f8d562018ccd8e8b14" + } + ] + }, + "source": { + "advisory": "GHSA-87jf-gf75-wwfm", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:H", + "version": "3.1" } ] } diff --git a/2025/26xxx/CVE-2025-26623.json b/2025/26xxx/CVE-2025-26623.json index eb444e4e09f..9961c71fb36 100644 --- a/2025/26xxx/CVE-2025-26623.json +++ b/2025/26xxx/CVE-2025-26623.json @@ -1,18 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-26623", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A heap buffer overflow was found in Exiv2 versions v0.28.0 to v0.28.4. Versions prior to v0.28.0, such as v0.27.7, are **not** affected. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. The heap overflow is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line argument such as `fixiso`. The bug is fixed in version v0.28.5. Users are advised to upgrade. There are no known workarounds for this vulnerability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416: Use After Free", + "cweId": "CWE-416" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Exiv2", + "product": { + "product_data": [ + { + "product_name": "exiv2", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 0.28.0, < 0.28.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7", + "refsource": "MISC", + "name": "https://github.com/Exiv2/exiv2/security/advisories/GHSA-38h4-fx85-qcx7" + }, + { + "url": "https://github.com/Exiv2/exiv2/issues/3168", + "refsource": "MISC", + "name": "https://github.com/Exiv2/exiv2/issues/3168" + } + ] + }, + "source": { + "advisory": "GHSA-38h4-fx85-qcx7", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2025/27xxx/CVE-2025-27013.json b/2025/27xxx/CVE-2025-27013.json index cf846acabc6..394522f324e 100644 --- a/2025/27xxx/CVE-2025-27013.json +++ b/2025/27xxx/CVE-2025-27013.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-27013", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Missing Authorization vulnerability in EPC MediCenter - Health Medical Clinic WordPress Theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MediCenter - Health Medical Clinic WordPress Theme: from n/a through n/a." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "EPC", + "product": { + "product_data": [ + { + "product_name": "MediCenter - Health Medical Clinic WordPress Theme", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThan": "14.7", + "status": "affected", + "version": "n/a", + "versionType": "custom", + "changes": [ + { + "at": "14.7", + "status": "unaffected" + } + ] + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/theme/medicenter/vulnerability/wordpress-medicenter-theme-14-7-sensitive-data-exposure-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/theme/medicenter/vulnerability/wordpress-medicenter-theme-14-7-sensitive-data-exposure-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress MediCenter - Health Medical Clinic WordPress Theme wordpress theme to the latest available version (at least 14.7)." + } + ], + "value": "Update the WordPress MediCenter - Health Medical Clinic WordPress Theme wordpress theme to the latest available version (at least 14.7)." + } + ], + "credits": [ + { + "lang": "en", + "value": "Ananda Dhakal (Patchstack)" + } + ], + "impact": { + "cvss": [ + { + "baseScore": 5.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "baseSeverity": "MEDIUM", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "version": "3.1" } ] } diff --git a/2025/27xxx/CVE-2025-27016.json b/2025/27xxx/CVE-2025-27016.json index bd8b57e26f6..8810ac03ef9 100644 --- a/2025/27xxx/CVE-2025-27016.json +++ b/2025/27xxx/CVE-2025-27016.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-27016", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awsm.in Drivr Lite \u2013 Google Drive Plugin allows Stored XSS. This issue affects Drivr Lite \u2013 Google Drive Plugin: from n/a through 1.0.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "awsm.in", + "product": { + "product_data": [ + { + "product_name": "Drivr Lite \u2013 Google Drive Plugin", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.0.1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/drivr-google-drive-file-picker/vulnerability/wordpress-drivr-lite-google-drive-plugin-plugin-1-0-1-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/drivr-google-drive-file-picker/vulnerability/wordpress-drivr-lite-google-drive-plugin-plugin-1-0-1-stored-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "theviper17 (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "baseScore": 6.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseSeverity": "MEDIUM", + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "version": "3.1" } ] }