admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-05-05 02:00:35 +00:00
parent f8c975fe5d
commit 31745bf471
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
10 changed files with 472 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
2025/32xxx/CVE-2025-32906.json
View File

@ -35,6 +35,48 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.72.0-8.el9_0.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.72.0-8.el9_4.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -95,6 +137,16 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2025:4439",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:4439"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:4440",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:4440"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2025-32906",
"refsource": "MISC",

28
2025/32xxx/CVE-2025-32907.json
View File

@ -35,6 +35,27 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.72.0-8.el9_0.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -68,7 +89,7 @@
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
"defaultStatus": "unaffected"
}
}
]
@ -95,6 +116,11 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2025:4439",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:4439"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2025-32907",
"refsource": "MISC",

52
2025/32xxx/CVE-2025-32911.json
View File

@ -35,6 +35,48 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.72.0-8.el9_0.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.72.0-8.el9_4.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -95,6 +137,16 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2025:4439",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:4439"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:4440",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:4440"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2025-32911",
"refsource": "MISC",

52
2025/32xxx/CVE-2025-32913.json
View File

@ -35,6 +35,48 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.72.0-8.el9_0.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.72.0-8.el9_4.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -95,6 +137,16 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2025:4439",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:4439"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:4440",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:4440"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2025-32913",
"refsource": "MISC",

26
2025/46xxx/CVE-2025-46420.json
View File

@ -35,6 +35,27 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.72.0-8.el9_0.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -95,6 +116,11 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2025:4439",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:4439"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2025-46420",
"refsource": "MISC",

26
2025/46xxx/CVE-2025-46421.json
View File

@ -35,6 +35,27 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.72.0-8.el9_0.4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -95,6 +116,11 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2025:4439",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:4439"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2025-46421",
"refsource": "MISC",

117
2025/4xxx/CVE-2025-4258.json
View File

@ -1,17 +1,126 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4258",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu up to 4.2.0. Affected is the function Upload of the file \\youkefu-master\\src\\main\\java\\com\\ukefu\\webim\\web\\handler\\resource\\MediaController.java. The manipulation of the argument imgFile leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in zhangyanbo2007 youkefu bis 4.2.0 gefunden. Sie wurde als kritisch eingestuft. Es geht dabei um die Funktion Upload der Datei \\youkefu-master\\src\\main\\java\\com\\ukefu\\webim\\web\\handler\\resource\\MediaController.java. Dank der Manipulation des Arguments imgFile mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unrestricted Upload",
"cweId": "CWE-434"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Improper Access Controls",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "zhangyanbo2007",
"product": {
"product_data": [
{
"product_name": "youkefu",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0"
},
{
"version_affected": "=",
"version_value": "4.1"
},
{
"version_affected": "=",
"version_value": "4.2.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.307362",
"refsource": "MISC",
"name": "https://vuldb.com/?id.307362"
},
{
"url": "https://vuldb.com/?ctiid.307362",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.307362"
},
{
"url": "https://vuldb.com/?submit.562848",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.562848"
},
{
"url": "https://github.com/Fc04dB/VUL/blob/main/ukefu_upload.md",
"refsource": "MISC",
"name": "https://github.com/Fc04dB/VUL/blob/main/ukefu_upload.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "Fc04dB (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

88
2025/4xxx/CVE-2025-4273.json Normal file
View File

@ -0,0 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-4273",
"ASSIGNER": "security.report@insyde.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the digital signature verification process does not properly validate variable attributes which allows an attacker to bypass signature verification by creating a non-authenticated NVRAM variable. An attacker may to execute arbitrary signed UEFI code and bypass Secure Boot."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Insyde Software",
"product": {
"product_data": [
{
"product_name": "InsydeH2O",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "Kernel 5.1",
"version_value": "5.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.insyde.com/security-pledge/",
"refsource": "MISC",
"name": "https://www.insyde.com/security-pledge/"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}
}

18
2025/4xxx/CVE-2025-4274.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4274",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/4xxx/CVE-2025-4275.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4275",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}