admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-02-03 20:00:38 +00:00
parent bb3679b898
commit 37e484f4c5
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
49 changed files with 2152 additions and 147 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
2024/11xxx/CVE-2024-11132.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11132",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Eventer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.9.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "imithemes",
"product": {
"product_data": [
{
"product_name": "Eventer - WordPress Event & Booking Manager Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "3.9.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2b747d61-4528-485e-b746-6dddc64485b5?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/2b747d61-4528-485e-b746-6dddc64485b5?source=cve"
},
{
"url": "https://codecanyon.net/item/eventer-wordpress-event-manager-plugin/20972534",
"refsource": "MISC",
"name": "https://codecanyon.net/item/eventer-wordpress-event-manager-plugin/20972534"
}
]
},
"credits": [
{
"lang": "en",
"value": "Istv\u00e1n M\u00e1rton"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
}
]
}

76
2024/11xxx/CVE-2024-11133.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11133",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handle_pdf_download_request' function in all versions up to, and including, 3.9.9. This makes it possible for unauthenticated attackers to download event tickets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "imithemes",
"product": {
"product_data": [
{
"product_name": "Eventer - WordPress Event & Booking Manager Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "3.9.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1d78b823-fdff-41b2-8059-6564e3eb668d?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/1d78b823-fdff-41b2-8059-6564e3eb668d?source=cve"
},
{
"url": "https://codecanyon.net/item/eventer-wordpress-event-manager-plugin/20972534",
"refsource": "MISC",
"name": "https://codecanyon.net/item/eventer-wordpress-event-manager-plugin/20972534"
}
]
},
"credits": [
{
"lang": "en",
"value": "Istv\u00e1n M\u00e1rton"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}

76
2024/11xxx/CVE-2024-11134.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-11134",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eventer_export_bookings_csv' function in all versions up to, and including, 3.9.9. This makes it possible for authenticated attackers with subscriber-level permissions or above, to download bookings, which contains customers' personal data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "imithemes",
"product": {
"product_data": [
{
"product_name": "Eventer - WordPress Event & Booking Manager Plugin",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "3.9.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/476bc092-c623-4caf-9676-3036d27c4840?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/476bc092-c623-4caf-9676-3036d27c4840?source=cve"
},
{
"url": "https://codecanyon.net/item/eventer-wordpress-event-manager-plugin/20972534",
"refsource": "MISC",
"name": "https://codecanyon.net/item/eventer-wordpress-event-manager-plugin/20972534"
}
]
},
"credits": [
{
"lang": "en",
"value": "Istv\u00e1n M\u00e1rton"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
}
]
}

94
2024/12xxx/CVE-2024-12085.json
View File

@ -98,6 +98,90 @@
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:3.1.3-7.el8_2.3",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:3.1.3-12.el8_4.3",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:3.1.3-12.el8_4.3",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:3.1.3-12.el8_4.3",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
"version": {
@ -359,6 +443,16 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:0849"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:0884",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:0884"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:0885",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:0885"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-12085",
"refsource": "MISC",

199
2024/12xxx/CVE-2024-12510.json
View File

@ -40,11 +40,204 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_affected": "<",
"version_name": "0",
"version_value": "37.82.53"
}
]
}
},
{
"product_name": "Versalink B405",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "38.82.53"
}
]
}
},
{
"product_name": "Versalink C400",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "67.82.53"
}
]
}
},
{
"product_name": "Versalink C405",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "68.82.53"
}
]
}
},
{
"product_name": "Versalink B600/B610",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "32.82.53"
}
]
}
},
{
"product_name": "Versalink B605/B615",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "33.82.53"
}
]
}
},
{
"product_name": "Versalink C500/C600",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "61.82.53"
}
]
}
},
{
"product_name": "Versalink C505/C605",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "62.82.53"
}
]
}
},
{
"product_name": "Versalink C7000",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "56.75.53"
}
]
}
},
{
"product_name": "Versalink C7020/C7025/C7030",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "57.75.53"
}
]
}
},
{
"product_name": "Versalink B7025/B7030/B7035",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "58.75.53"
}
]
}
},
{
"product_name": "Versalink B7125/B7130/B7135",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "59.24.53"
}
]
}
},
{
"product_name": "Versalink C7120/C7125/C7130",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "69.24.53"
}
]
}
},
{
"product_name": "Versalink C8000/C9000",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "70.75.53"
}
]
}
},
{
"product_name": "Versalink C8000W",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "72.75.53"
}
]
}
},
{
"product_name": "Phaser 6510",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "64.75.53"
}
]
}
},
{
"product_name": "WorkCentre 6515",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "65.75.53"
}
]
}
}
]
}
@ -55,9 +248,9 @@
"references": {
"reference_data": [
{
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox%C2%AEfor-VersaLinkPhaser-and-WorkCentre.pdf",
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox%C2%AE-for-VersaLinkPhaser-and-WorkCentre.pdf",
"refsource": "MISC",
"name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox%C2%AEfor-VersaLinkPhaser-and-WorkCentre.pdf"
"name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox%C2%AE-for-VersaLinkPhaser-and-WorkCentre.pdf"
}
]
},

269
2024/12xxx/CVE-2024-12511.json
View File

@ -1,17 +1,280 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12511",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires enabled scan functions and printer access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management",
"cweId": "CWE-269"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Xerox",
"product": {
"product_data": [
{
"product_name": "Versalink B400",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "37.82.53"
}
]
}
},
{
"product_name": "Versalink B405",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "38.82.53"
}
]
}
},
{
"product_name": "Versalink C400",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "67.82.53"
}
]
}
},
{
"product_name": "Versalink C405",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "68.82.53"
}
]
}
},
{
"product_name": "Versalink B600/B610",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "32.82.53"
}
]
}
},
{
"product_name": "Versalink B605/B615",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "33.82.53"
}
]
}
},
{
"product_name": "Versalink C500/C600",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "61.82.53"
}
]
}
},
{
"product_name": "Versalink C505/C605",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "62.82.53"
}
]
}
},
{
"product_name": "Versalink C7000",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "56.75.53"
}
]
}
},
{
"product_name": "Versalink C7020/C7025/C7030",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "57.75.53"
}
]
}
},
{
"product_name": "Versalink B7025/B7030/B7035",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "58.75.53"
}
]
}
},
{
"product_name": "Versalink B7125/B7130/B7135",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "59.24.53"
}
]
}
},
{
"product_name": "Versalink C7120/C7125/C7130",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "69.24.53"
}
]
}
},
{
"product_name": "Versalink C8000/C9000",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "70.75.53"
}
]
}
},
{
"product_name": "Versalink C8000W",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "72.75.53"
}
]
}
},
{
"product_name": "Phaser 6510",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "64.75.53"
}
]
}
},
{
"product_name": "WorkCentre 6515",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "0",
"version_value": "65.75.53"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox%C2%AE-for-VersaLinkPhaser-and-WorkCentre.pdf",
"refsource": "MISC",
"name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/02/Xerox-Security-Bulletin-XRX25-003-for-Xerox%C2%AE-for-VersaLinkPhaser-and-WorkCentre.pdf"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
}
]
}

76
2024/12xxx/CVE-2024-12859.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-12859",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The BoomBox Theme Extensions plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.8.0 via the 'boombox_listing' shortcode 'type' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')",
"cweId": "CWE-98"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PX-lab",
"product": {
"product_data": [
{
"product_name": "BoomBox Theme Extensions",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "1.8.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c3a647b6-ed9e-402d-9424-2937f7aa8960?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/c3a647b6-ed9e-402d-9424-2937f7aa8960?source=cve"
},
{
"url": "https://documentation.px-lab.com/boombox/changelog/",
"refsource": "MISC",
"name": "https://documentation.px-lab.com/boombox/changelog/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Istv\u00e1n M\u00e1rton"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}

78
2024/52xxx/CVE-2024-52336.json
View File

@ -35,6 +35,48 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Fast Datapath for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.24.0-2.1.20240819gitc082797f.el8fdp",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Fast Datapath for Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.24.0-2.1.20240819gitc082797f.el9fdp",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
@ -83,32 +125,6 @@
]
}
},
{
"product_name": "Fast Datapath for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Fast Datapath for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -161,6 +177,16 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2024:10384"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:0879",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:0879"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:0880",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:0880"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-52336",
"refsource": "MISC",

117
2024/52xxx/CVE-2024-52337.json
View File

@ -35,6 +35,69 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Fast Datapath for Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.11.0-5.el7fdp.2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Fast Datapath for Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.24.0-2.1.20240819gitc082797f.el8fdp",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Fast Datapath for Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:2.24.0-2.1.20240819gitc082797f.el9fdp",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
"version": {
@ -287,45 +350,6 @@
]
}
},
{
"product_name": "Fast Datapath for RHEL 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Fast Datapath for RHEL 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Fast Datapath for RHEL 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
@ -377,6 +401,21 @@
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:0368"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:0879",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:0879"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:0880",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:0880"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:0881",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2025:0881"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2024-52337",
"refsource": "MISC",

61
2024/56xxx/CVE-2024-56921.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56921",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-56921",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Open5gs v2.7.2. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of gmm_state_exception() function upon receipt of the Nausf_UEAuthentication_Authenticate response."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/open5gs/open5gs/issues/3608",
"refsource": "MISC",
"name": "https://github.com/open5gs/open5gs/issues/3608"
},
{
"url": "https://github.com/open5gs/open5gs/commit/f780f9af45c27b6f49987d96ba71dedb3dd85840",
"refsource": "MISC",
"name": "https://github.com/open5gs/open5gs/commit/f780f9af45c27b6f49987d96ba71dedb3dd85840"
}
]
}

56
2024/57xxx/CVE-2024-57097.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57097",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57097",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ClassCMS 4.8 is vulnerable to Cross Site Scripting (XSS) in class/admin/channel.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ClassCMS/ClassCMS/issues/5",
"refsource": "MISC",
"name": "https://github.com/ClassCMS/ClassCMS/issues/5"
}
]
}

56
2024/57xxx/CVE-2024-57098.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57098",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57098",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Moss v0.1.3 version has an SQL injection vulnerability that allows attackers to inject carefully designed payloads into the order parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/deep-project/moss/issues/13",
"refsource": "MISC",
"name": "https://github.com/deep-project/moss/issues/13"
}
]
}

56
2024/57xxx/CVE-2024-57099.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57099",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57099",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ClassCMS v4.8 has a code execution vulnerability. Attackers can exploit this vulnerability by constructing a payload in the classview parameter of the model management feature, allowing them to execute arbitrary code and potentially take control of the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/ClassCMS/ClassCMS/issues/6",
"refsource": "MISC",
"name": "https://github.com/ClassCMS/ClassCMS/issues/6"
}
]
}

61
2024/57xxx/CVE-2024-57237.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57237",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57237",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to Cross Site Scripting (XSS) in the /reqproc/proc_get endpoint. The vulnerability arises because the cmd parameter does not properly sanitize input and the response is served with a Content-Type of text/html. This behavior allows the browser to execute injected JavaScript code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://prolink2u.com/products/dl-7203e-b",
"refsource": "MISC",
"name": "https://prolink2u.com/products/dl-7203e-b"
},
{
"refsource": "MISC",
"name": "https://harryha.substack.com/p/4g-lte-mobile-wifi-dl7203e-xss-cve-2024-57237",
"url": "https://harryha.substack.com/p/4g-lte-mobile-wifi-dl7203e-xss-cve-2024-57237"
}
]
}

61
2024/57xxx/CVE-2024-57238.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57238",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57238",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to SQL Injection in in the /reqproc/proc_get endpoint. The vulnerability allows an attacker to manipulate SQL queries by injecting malicious SQL code into the order_by parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://prolink2u.com/products/dl-7203e-b",
"refsource": "MISC",
"name": "https://prolink2u.com/products/dl-7203e-b"
},
{
"refsource": "MISC",
"name": "https://harryha.substack.com/p/4g-lte-mobile-wifi-dl7203e-sqli-cve-2024-57238",
"url": "https://harryha.substack.com/p/4g-lte-mobile-wifi-dl7203e-sqli-cve-2024-57238"
}
]
}

56
2024/57xxx/CVE-2024-57450.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57450",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57450",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ChestnutCMS <=1.5.0 is vulnerable to File Upload via the Create template function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://locrian-lightning-dc7.notion.site/File-Upload-1628e5e2b1a2806a99b8faf140bd5e42",
"refsource": "MISC",
"name": "https://locrian-lightning-dc7.notion.site/File-Upload-1628e5e2b1a2806a99b8faf140bd5e42"
}
]
}

66
2024/57xxx/CVE-2024-57669.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-57669",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2024-57669",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Directory Traversal vulnerability in Zrlog backup-sql-file.jar v.3.0.31 allows a remote attacker to obtain sensitive information via the BackupController.java file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/94fzb/zrlog/issues/193",
"url": "https://github.com/94fzb/zrlog/issues/193"
},
{
"refsource": "MISC",
"name": "https://github.com/HypeDuke/vulnerable-research/blob/main/CVE-2024-57669",
"url": "https://github.com/HypeDuke/vulnerable-research/blob/main/CVE-2024-57669"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/94fzb/zrlog-plugin-backup-sql-file/commit/32bdb36e6cc4f0b72e1ba85ef4458fb980946ea4",
"url": "https://github.com/94fzb/zrlog-plugin-backup-sql-file/commit/32bdb36e6cc4f0b72e1ba85ef4458fb980946ea4"
}
]
}

67
2024/57xxx/CVE-2024-57968.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2024-57968",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing by other users). upload.aspx can be used for this."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://advantive.my.site.com/support/s/article/VeraCore-Release-Notes-2024-4-2-1",
"refsource": "MISC",
"name": "https://advantive.my.site.com/support/s/article/VeraCore-Release-Notes-2024-4-2-1"
},
{
"refsource": "MISC",
"name": "https://intezer.com/blog/research/xe-group-exploiting-zero-days/",
"url": "https://intezer.com/blog/research/xe-group-exploiting-zero-days/"
}
]
}
}

56
2025/22xxx/CVE-2025-22978.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-22978",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2025-22978",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "eladmin <=2.7 is vulnerable to CSV Injection in the exception log download module."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/elunez/eladmin/issues/863",
"refsource": "MISC",
"name": "https://github.com/elunez/eladmin/issues/863"
}
]
}

2
2025/23xxx/CVE-2025-23011.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Fedora Repository 3.8.1 allows path traversal when extracting uploaded archives (\"Zip Slip\"). A remote, authenticated attacker can upload a specially crafted archive that will extract an arbitrary JSP file to a location that can be executed by an unauthenticated GET request. Fedora Repository 3.8.1 was released on 2015-06-11 and is no longer maintained. Migrate to a currently supported version (6.5.1 as of 2025-01-23)."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Fedora Repository 3.8.1 allows path traversal when extracting uploaded archives (\"Zip Slip\"). A remote, authenticated attacker can upload a specially crafted archive that will extract an arbitrary JSP file to a location that can be executed by an unauthenticated GET request. Fedora Repository 3.8.1 was released on 2015-06-11 and is no longer maintained. Migrate to a currently supported version (6.5.1 as of 2025-01-23)."
}
]
},

2
2025/23xxx/CVE-2025-23012.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Fedora Repository 3.8.x includes a service account (fedoraIntCallUser) with default credentials and privileges to read read local files by manipulating datastreams. Fedora Repository 3.8.1 was released on 2015-06-11 and is no longer maintained. Migrate to a currently supported version (6.5.1 as of 2025-01-23)."
"value": "** UNSUPPPORTED WHEN ASSIGNED ** Fedora Repository 3.8.x includes a service account (fedoraIntCallUser) with default credentials and privileges to read read local files by manipulating datastreams. Fedora Repository 3.8.1 was released on 2015-06-11 and is no longer maintained. Migrate to a currently supported version (6.5.1 as of 2025-01-23)."
}
]
},

58
2025/25xxx/CVE-2025-25064.json
View File

@ -5,13 +5,67 @@
"CVE_data_meta": {
"ID": "CVE-2025-25064",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
"url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories"
},
{
"refsource": "CONFIRM",
"name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes",
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes"
},
{
"refsource": "CONFIRM",
"name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.12#Security_Fixes",
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.12#Security_Fixes"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SQL injection vulnerability in the ZimbraSyncService SOAP endpoint in Zimbra Collaboration 10.0.x before 10.0.12 and 10.1.x before 10.1.4."
}
]
}

63
2025/25xxx/CVE-2025-25065.json
View File

@ -5,13 +5,72 @@
"CVE_data_meta": {
"ID": "CVE-2025-25065",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
"url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories"
},
{
"refsource": "CONFIRM",
"name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes",
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes"
},
{
"refsource": "CONFIRM",
"name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.12#Security_Fixes",
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.12#Security_Fixes"
},
{
"refsource": "CONFIRM",
"name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P43#Security_Fixes",
"url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P43#Security_Fixes"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to internal network endpoints."
}
]
}

67
2025/25xxx/CVE-2025-25181.json Normal file
View File

@ -0,0 +1,67 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2025-25181",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://advantive.my.site.com/support/s/knowledge",
"refsource": "MISC",
"name": "https://advantive.my.site.com/support/s/knowledge"
},
{
"refsource": "MISC",
"name": "https://intezer.com/blog/research/xe-group-exploiting-zero-days/",
"url": "https://intezer.com/blog/research/xe-group-exploiting-zero-days/"
}
]
}
}

18
2025/25xxx/CVE-2025-25182.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25182",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25183.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25183",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25184.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25184",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25185.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25185",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25186.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25186",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25187.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25187",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25188.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25188",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25189.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25189",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25190.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25190",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25191.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25191",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25192.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25192",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25193.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25193",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25194.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25194",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25195.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25195",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25196.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25196",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25197.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25197",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25198.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25198",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25199.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25199",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25200.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25200",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25201.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25201",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25202.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25202",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25203.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25203",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25204.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25204",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25205.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25205",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2025/25xxx/CVE-2025-25206.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25206",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}