From 39f00eb14ce47a2fc42be265c8d3ebbf8cad09fa Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 10 Apr 2025 06:00:36 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/13xxx/CVE-2024-13874.json | 72 +++++++++++++++++++++++++++--- 2024/13xxx/CVE-2024-13896.json | 81 +++++++++++++++++++++++++++++++--- 2025/0xxx/CVE-2025-0539.json | 73 +++++++++++++++++++++++++++--- 2025/32xxx/CVE-2025-32744.json | 18 ++++++++ 2025/32xxx/CVE-2025-32745.json | 18 ++++++++ 2025/32xxx/CVE-2025-32746.json | 18 ++++++++ 2025/32xxx/CVE-2025-32747.json | 18 ++++++++ 2025/32xxx/CVE-2025-32748.json | 18 ++++++++ 2025/32xxx/CVE-2025-32749.json | 18 ++++++++ 2025/32xxx/CVE-2025-32750.json | 18 ++++++++ 2025/32xxx/CVE-2025-32751.json | 18 ++++++++ 2025/32xxx/CVE-2025-32752.json | 18 ++++++++ 2025/32xxx/CVE-2025-32753.json | 18 ++++++++ 2025/3xxx/CVE-2025-3493.json | 18 ++++++++ 2025/3xxx/CVE-2025-3494.json | 18 ++++++++ 15 files changed, 427 insertions(+), 15 deletions(-) create mode 100644 2025/32xxx/CVE-2025-32744.json create mode 100644 2025/32xxx/CVE-2025-32745.json create mode 100644 2025/32xxx/CVE-2025-32746.json create mode 100644 2025/32xxx/CVE-2025-32747.json create mode 100644 2025/32xxx/CVE-2025-32748.json create mode 100644 2025/32xxx/CVE-2025-32749.json create mode 100644 2025/32xxx/CVE-2025-32750.json create mode 100644 2025/32xxx/CVE-2025-32751.json create mode 100644 2025/32xxx/CVE-2025-32752.json create mode 100644 2025/32xxx/CVE-2025-32753.json create mode 100644 2025/3xxx/CVE-2025-3493.json create mode 100644 2025/3xxx/CVE-2025-3494.json diff --git a/2024/13xxx/CVE-2024-13874.json b/2024/13xxx/CVE-2024-13874.json index b864c1d9899..f1df058d5be 100644 --- a/2024/13xxx/CVE-2024-13874.json +++ b/2024/13xxx/CVE-2024-13874.json @@ -1,18 +1,80 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-13874", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Feedify WordPress plugin before 2.4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-Site Scripting (XSS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "Feedify", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "0", + "version_value": "2.4.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/c808e7cf-3285-402b-ab4f-a40ab822b12e/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/c808e7cf-3285-402b-ab4f-a40ab822b12e/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Hassan Khan Yusufzai - Splint3r7" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13896.json b/2024/13xxx/CVE-2024-13896.json index 56c2991a58a..f7838c92de9 100644 --- a/2024/13xxx/CVE-2024-13896.json +++ b/2024/13xxx/CVE-2024-13896.json @@ -1,18 +1,89 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-13896", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "contact@wpscan.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The WP-GeSHi-Highlight \u2014 rock-solid syntax highlighting for 259 languages WordPress plugin through 1.4.3 processes user-supplied input as a regular expression via the wp_geshi_filter_replace_code() function, which could lead to Regular Expression Denial of Service (ReDoS) issue" } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-400 Uncontrolled Resource Consumption" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Unknown", + "product": { + "product_data": [ + { + "product_name": "WP-GeSHi-Highlight \u2014 rock-solid syntax highlighting for 259 languages", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "status": "affected", + "versionType": "semver", + "version": "0", + "lessThanOrEqual": "1.4.3" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://wpscan.com/vulnerability/b8b622ea-e090-45ad-8755-b050fc055231/", + "refsource": "MISC", + "name": "https://wpscan.com/vulnerability/b8b622ea-e090-45ad-8755-b050fc055231/" + } + ] + }, + "generator": { + "engine": "WPScan CVE Generator" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Pierre Rudloff" + }, + { + "lang": "en", + "value": "WPScan" + } + ] } \ No newline at end of file diff --git a/2025/0xxx/CVE-2025-0539.json b/2025/0xxx/CVE-2025-0539.json index 0107d7f8cd8..e87f310fced 100644 --- a/2025/0xxx/CVE-2025-0539.json +++ b/2025/0xxx/CVE-2025-0539.json @@ -1,18 +1,81 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-0539", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@octopus.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In affected Microsoft Windows versions of Octopus Deploy, the server can be coerced into sending server-side requests that contain authentication material allowing a suitably positioned attacker to compromise the account running Octopus Server and potentially the host infrastructure itself." } ] - } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Server Side Request Forgery" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Octopus Deploy", + "product": { + "product_data": [ + { + "product_name": "Octopus Server", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2.6.0", + "version_value": "2024.3.13071" + }, + { + "version_affected": "<", + "version_name": "2024.4.401", + "version_value": "2024.4.7065" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://advisories.octopus.com/post/2025/sa2025-06", + "refsource": "MISC", + "name": "https://advisories.octopus.com/post/2025/sa2025-06" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "This vulnerability was found by Edward Prior (@JankhJankh)" + } + ] } \ No newline at end of file diff --git a/2025/32xxx/CVE-2025-32744.json b/2025/32xxx/CVE-2025-32744.json new file mode 100644 index 00000000000..7453a02c149 --- /dev/null +++ b/2025/32xxx/CVE-2025-32744.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-32744", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/32xxx/CVE-2025-32745.json b/2025/32xxx/CVE-2025-32745.json new file mode 100644 index 00000000000..95e936a5eec --- /dev/null +++ b/2025/32xxx/CVE-2025-32745.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-32745", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/32xxx/CVE-2025-32746.json b/2025/32xxx/CVE-2025-32746.json new file mode 100644 index 00000000000..d075f46b12f --- /dev/null +++ b/2025/32xxx/CVE-2025-32746.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-32746", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/32xxx/CVE-2025-32747.json b/2025/32xxx/CVE-2025-32747.json new file mode 100644 index 00000000000..b4e1a01803f --- /dev/null +++ b/2025/32xxx/CVE-2025-32747.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-32747", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/32xxx/CVE-2025-32748.json b/2025/32xxx/CVE-2025-32748.json new file mode 100644 index 00000000000..9ded4e13fa6 --- /dev/null +++ b/2025/32xxx/CVE-2025-32748.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-32748", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/32xxx/CVE-2025-32749.json b/2025/32xxx/CVE-2025-32749.json new file mode 100644 index 00000000000..9babdfea4d2 --- /dev/null +++ b/2025/32xxx/CVE-2025-32749.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-32749", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/32xxx/CVE-2025-32750.json b/2025/32xxx/CVE-2025-32750.json new file mode 100644 index 00000000000..16d6a692f26 --- /dev/null +++ b/2025/32xxx/CVE-2025-32750.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-32750", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/32xxx/CVE-2025-32751.json b/2025/32xxx/CVE-2025-32751.json new file mode 100644 index 00000000000..e6710fb9020 --- /dev/null +++ b/2025/32xxx/CVE-2025-32751.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-32751", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/32xxx/CVE-2025-32752.json b/2025/32xxx/CVE-2025-32752.json new file mode 100644 index 00000000000..e7041ec603d --- /dev/null +++ b/2025/32xxx/CVE-2025-32752.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-32752", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/32xxx/CVE-2025-32753.json b/2025/32xxx/CVE-2025-32753.json new file mode 100644 index 00000000000..ba971f3f6a9 --- /dev/null +++ b/2025/32xxx/CVE-2025-32753.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-32753", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3493.json b/2025/3xxx/CVE-2025-3493.json new file mode 100644 index 00000000000..f442ec1c395 --- /dev/null +++ b/2025/3xxx/CVE-2025-3493.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3493", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3494.json b/2025/3xxx/CVE-2025-3494.json new file mode 100644 index 00000000000..89149ab91b8 --- /dev/null +++ b/2025/3xxx/CVE-2025-3494.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3494", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file