From 3191f33fc95effd07f3f4028f66ff7c12a0ae648 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 28 Apr 2025 17:00:35 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/14xxx/CVE-2018-14847.json | 5 ++ 2023/35xxx/CVE-2023-35815.json | 5 ++ 2023/35xxx/CVE-2023-35816.json | 5 ++ 2023/35xxx/CVE-2023-35817.json | 76 ++++++++++++++++++-- 2023/42xxx/CVE-2023-42404.json | 61 +++++++++++++++-- 2024/32xxx/CVE-2024-32499.json | 61 +++++++++++++++-- 2025/21xxx/CVE-2025-21591.json | 4 +- 2025/35xxx/CVE-2025-35975.json | 18 +++++ 2025/36xxx/CVE-2025-36521.json | 18 +++++ 2025/43xxx/CVE-2025-43857.json | 122 +++++++++++++++++++++++++++++++-- 2025/4xxx/CVE-2025-4027.json | 114 ++++++++++++++++++++++++++++-- 2025/4xxx/CVE-2025-4028.json | 114 ++++++++++++++++++++++++++++-- 2025/4xxx/CVE-2025-4043.json | 18 +++++ 13 files changed, 589 insertions(+), 32 deletions(-) create mode 100644 2025/35xxx/CVE-2025-35975.json create mode 100644 2025/36xxx/CVE-2025-36521.json create mode 100644 2025/4xxx/CVE-2025-4043.json diff --git a/2018/14xxx/CVE-2018-14847.json b/2018/14xxx/CVE-2018-14847.json index 35b427d2f5f..a81031d2694 100644 --- a/2018/14xxx/CVE-2018-14847.json +++ b/2018/14xxx/CVE-2018-14847.json @@ -86,6 +86,11 @@ "name": "https://github.com/tenable/routeros/tree/master/poc/bytheway", "refsource": "MISC", "url": "https://github.com/tenable/routeros/tree/master/poc/bytheway" + }, + { + "refsource": "CONFIRM", + "name": "https://mikrotik.com/supportsec/winbox-vulnerability", + "url": "https://mikrotik.com/supportsec/winbox-vulnerability" } ] } diff --git a/2023/35xxx/CVE-2023-35815.json b/2023/35xxx/CVE-2023-35815.json index 7b7bb91bb41..ade8644af67 100644 --- a/2023/35xxx/CVE-2023-35815.json +++ b/2023/35xxx/CVE-2023-35815.json @@ -62,6 +62,11 @@ "refsource": "MISC", "name": "https://supportcenter.devexpress.com/ticket/details/t1159142/web-reporting-data-source-protection-bypassed-during-xml-deserialization" }, + { + "refsource": "MISC", + "name": "https://code-white.com/public-vulnerability-list/", + "url": "https://code-white.com/public-vulnerability-list/" + }, { "refsource": "MISC", "name": "https://supportcenter.devexpress.com/ticket/details/t1141947/data-source-protection-bypass-during-xml-deserialization", diff --git a/2023/35xxx/CVE-2023-35816.json b/2023/35xxx/CVE-2023-35816.json index 9ac519cf2ac..f6c43c4b214 100644 --- a/2023/35xxx/CVE-2023-35816.json +++ b/2023/35xxx/CVE-2023-35816.json @@ -62,6 +62,11 @@ "refsource": "MISC", "name": "https://supportcenter.devexpress.com/ticket/details/t1159641/net-desktop-and-web-controls-unsafe-data-type-deserialization" }, + { + "refsource": "MISC", + "name": "https://code-white.com/public-vulnerability-list/", + "url": "https://code-white.com/public-vulnerability-list/" + }, { "refsource": "MISC", "name": "https://supportcenter.devexpress.com/ticket/details/t1127422/insecure-arbitrary-typeconverter-conversion", diff --git a/2023/35xxx/CVE-2023-35817.json b/2023/35xxx/CVE-2023-35817.json index 004c8e4393c..32f58ffa42e 100644 --- a/2023/35xxx/CVE-2023-35817.json +++ b/2023/35xxx/CVE-2023-35817.json @@ -1,17 +1,81 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-35817", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-35817", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "DevExpress before 23.1.3 allows AsyncDownloader SSRF." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://supportcenter.devexpress.com/ticket/details/t394936/devexpress-security-advisory-updated-on-april-27-2023", + "refsource": "MISC", + "name": "https://supportcenter.devexpress.com/ticket/details/t394936/devexpress-security-advisory-updated-on-april-27-2023" + }, + { + "url": "https://supportcenter.devexpress.com/ticket/details/t1161404/report-and-dashboard-server-improper-default-configuration-can-lead-to-ssrf-attacks", + "refsource": "MISC", + "name": "https://supportcenter.devexpress.com/ticket/details/t1161404/report-and-dashboard-server-improper-default-configuration-can-lead-to-ssrf-attacks" + }, + { + "url": "https://supportcenter.devexpress.com/ticket/details/t1162045/reporting-bi-dashboard-office-file-api-web-app-configuration-to-help-prevent-ssrf-attacks", + "refsource": "MISC", + "name": "https://supportcenter.devexpress.com/ticket/details/t1162045/reporting-bi-dashboard-office-file-api-web-app-configuration-to-help-prevent-ssrf-attacks" + }, + { + "refsource": "MISC", + "name": "https://code-white.com/public-vulnerability-list/", + "url": "https://code-white.com/public-vulnerability-list/" + }, + { + "refsource": "MISC", + "name": "https://supportcenter.devexpress.com/ticket/details/t1157209/server-side-request-forgery-via-asyncdownloader", + "url": "https://supportcenter.devexpress.com/ticket/details/t1157209/server-side-request-forgery-via-asyncdownloader" } ] } diff --git a/2023/42xxx/CVE-2023-42404.json b/2023/42xxx/CVE-2023-42404.json index d4b662e03ec..0f289eb22f9 100644 --- a/2023/42xxx/CVE-2023-42404.json +++ b/2023/42xxx/CVE-2023-42404.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-42404", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-42404", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OneVision Workspace before WS23.1 SR1 (build w31.040) allows arbitrary Java EL execution." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.onevision.com/", + "refsource": "MISC", + "name": "https://www.onevision.com/" + }, + { + "refsource": "MISC", + "name": "https://code-white.com/public-vulnerability-list/", + "url": "https://code-white.com/public-vulnerability-list/" } ] } diff --git a/2024/32xxx/CVE-2024-32499.json b/2024/32xxx/CVE-2024-32499.json index cb880dcb2ee..6cc6afb810c 100644 --- a/2024/32xxx/CVE-2024-32499.json +++ b/2024/32xxx/CVE-2024-32499.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-32499", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-32499", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://code-white.com/public-vulnerability-list/", + "url": "https://code-white.com/public-vulnerability-list/" + }, + { + "url": "https://www.newforma.com/newforma-project-center/", + "refsource": "MISC", + "name": "https://www.newforma.com/newforma-project-center/" } ] } diff --git a/2025/21xxx/CVE-2025-21591.json b/2025/21xxx/CVE-2025-21591.json index f4e7ca47379..8afbcae0d74 100644 --- a/2025/21xxx/CVE-2025-21591.json +++ b/2025/21xxx/CVE-2025-21591.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled, allows an unauthenticated, adjacent, attacker to send a DHCP packet with a malformed DHCP option to cause jdhcp to crash creating a Denial of Service (DoS) condition.\n\nContinuous receipt of these DHCP packets using the malformed DHCP Option will create a sustained Denial of Service (DoS) condition.\n\n\nThis issue affects Junos OS:\n\n\n\n * from 23.1R1 before 23.2R2-S3,\n * from 23.4 before 23.4R2-S3,\n * from 24.2 before 24.2R2.\n\n\nThis issue isn't applicable to any versions of Junos OS before 23.1R1. \n\n\n\nThis issue doesn't affect vSRX Series which doesn't support DHCP Snooping. \n\nThis issue doesn't affect Junos OS Evolved.\n\nThere are no indicators of compromise for this issue." + "value": "A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled, allows an unauthenticated, adjacent, attacker to send a DHCP packet with a malformed DHCP option to cause jdhcp to crash creating a Denial of Service (DoS) condition.\n\nContinuous receipt of these DHCP packets using the malformed DHCP Option will create a sustained Denial of Service (DoS) condition.\n\n\nThis issue affects Junos OS:\n\n\n\n * from 23.1 before 23.2R2-S3,\n * from 23.4 before 23.4R2-S3,\n * from 24.2 before 24.2R2.\n\n\nThis issue isn't applicable to any versions of Junos OS before 23.1R1. \n\n\n\nThis issue doesn't affect vSRX Series which doesn't support DHCP Snooping. \n\nThis issue doesn't affect Junos OS Evolved.\n\nThere are no indicators of compromise for this issue." } ] }, @@ -46,7 +46,7 @@ { "lessThan": "23.2R2-S3", "status": "affected", - "version": "23.1R1", + "version": "23.1", "versionType": "semver" }, { diff --git a/2025/35xxx/CVE-2025-35975.json b/2025/35xxx/CVE-2025-35975.json new file mode 100644 index 00000000000..3d9834293f5 --- /dev/null +++ b/2025/35xxx/CVE-2025-35975.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-35975", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/36xxx/CVE-2025-36521.json b/2025/36xxx/CVE-2025-36521.json new file mode 100644 index 00000000000..41e04e2e37b --- /dev/null +++ b/2025/36xxx/CVE-2025-36521.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-36521", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/43xxx/CVE-2025-43857.json b/2025/43xxx/CVE-2025-43857.json index 8a71c9c317a..bb402a0c4f2 100644 --- a/2025/43xxx/CVE-2025-43857.json +++ b/2025/43xxx/CVE-2025-43857.json @@ -1,18 +1,132 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-43857", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is a possibility for denial of service by memory exhaustion when net-imap reads server responses. At any time while the client is connected, a malicious server can send can send a \"literal\" byte count, which is automatically read by the client's receiver thread. The response reader immediately allocates memory for the number of bytes indicated by the server response. This should not be an issue when securely connecting to trusted IMAP servers that are well-behaved. It can affect insecure connections and buggy, untrusted, or compromised servers (for example, connecting to a user supplied hostname). This issue has been patched in versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-400: Uncontrolled Resource Consumption", + "cweId": "CWE-400" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-770: Allocation of Resources Without Limits or Throttling", + "cweId": "CWE-770" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-789: Memory Allocation with Excessive Size Value", + "cweId": "CWE-789" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-405: Asymmetric Resource Consumption (Amplification)", + "cweId": "CWE-405" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ruby", + "product": { + "product_data": [ + { + "product_name": "net-imap", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 0.5.0, < 0.5.7" + }, + { + "version_affected": "=", + "version_value": ">= 0.4.0, < 0.4.20" + }, + { + "version_affected": "=", + "version_value": ">= 0.3.0, < 0.3.9" + }, + { + "version_affected": "=", + "version_value": ">= 0, < 0.2.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-j3g3-5qv5-52mj", + "refsource": "MISC", + "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-j3g3-5qv5-52mj" + }, + { + "url": "https://github.com/ruby/net-imap/pull/442", + "refsource": "MISC", + "name": "https://github.com/ruby/net-imap/pull/442" + }, + { + "url": "https://github.com/ruby/net-imap/pull/444/commits/0ae8576c1a90bcd9573f81bdad4b4b824642d105#diff-53721cb4d9c3fb86b95cc8476ca2df90968ad8c481645220c607034399151462", + "refsource": "MISC", + "name": "https://github.com/ruby/net-imap/pull/444/commits/0ae8576c1a90bcd9573f81bdad4b4b824642d105#diff-53721cb4d9c3fb86b95cc8476ca2df90968ad8c481645220c607034399151462" + }, + { + "url": "https://github.com/ruby/net-imap/pull/445", + "refsource": "MISC", + "name": "https://github.com/ruby/net-imap/pull/445" + }, + { + "url": "https://github.com/ruby/net-imap/pull/446", + "refsource": "MISC", + "name": "https://github.com/ruby/net-imap/pull/446" + }, + { + "url": "https://github.com/ruby/net-imap/pull/447", + "refsource": "MISC", + "name": "https://github.com/ruby/net-imap/pull/447" + } + ] + }, + "source": { + "advisory": "GHSA-j3g3-5qv5-52mj", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4027.json b/2025/4xxx/CVE-2025-4027.json index 0b833416c10..c64963ed24e 100644 --- a/2025/4xxx/CVE-2025-4027.json +++ b/2025/4xxx/CVE-2025-4027.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-4027", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /admin/rules.php. The manipulation of the argument pagetitle leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "Es wurde eine Schwachstelle in PHPGurukul Old Age Home Management System 1.0 gefunden. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /admin/rules.php. Durch das Manipulieren des Arguments pagetitle mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection", + "cweId": "CWE-89" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Injection", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHPGurukul", + "product": { + "product_data": [ + { + "product_name": "Old Age Home Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.306390", + "refsource": "MISC", + "name": "https://vuldb.com/?id.306390" + }, + { + "url": "https://vuldb.com/?ctiid.306390", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.306390" + }, + { + "url": "https://vuldb.com/?submit.559159", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.559159" + }, + { + "url": "https://github.com/Q3qc1n/myCVE/issues/2", + "refsource": "MISC", + "name": "https://github.com/Q3qc1n/myCVE/issues/2" + }, + { + "url": "https://phpgurukul.com/", + "refsource": "MISC", + "name": "https://phpgurukul.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Lum1n0us (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2025/4xxx/CVE-2025-4028.json b/2025/4xxx/CVE-2025-4028.json index 97249359552..778b6e807e8 100644 --- a/2025/4xxx/CVE-2025-4028.json +++ b/2025/4xxx/CVE-2025-4028.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-4028", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." + }, + { + "lang": "deu", + "value": "In PHPGurukul COVID19 Testing Management System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei /profile.php. Durch Manipulieren des Arguments mobilenumber mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection", + "cweId": "CWE-89" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Injection", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHPGurukul", + "product": { + "product_data": [ + { + "product_name": "COVID19 Testing Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.306391", + "refsource": "MISC", + "name": "https://vuldb.com/?id.306391" + }, + { + "url": "https://vuldb.com/?ctiid.306391", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.306391" + }, + { + "url": "https://vuldb.com/?submit.559193", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.559193" + }, + { + "url": "https://github.com/JunZ-Leo/CVE/issues/1", + "refsource": "MISC", + "name": "https://github.com/JunZ-Leo/CVE/issues/1" + }, + { + "url": "https://phpgurukul.com/", + "refsource": "MISC", + "name": "https://phpgurukul.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Junz_Leo (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2025/4xxx/CVE-2025-4043.json b/2025/4xxx/CVE-2025-4043.json new file mode 100644 index 00000000000..0d51c0397da --- /dev/null +++ b/2025/4xxx/CVE-2025-4043.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4043", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file