admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-05-06 02:00:34 +00:00
parent 5d225428d9
commit 410acdcf71
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
13 changed files with 611 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
2024/39xxx/CVE-2024-39442.json
View File

@ -1,17 +1,72 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-39442",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@unisoc.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In sprd ssense service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "cwe-862 Missing Authorization"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unisoc (Shanghai) Technologies Co., Ltd.",
"product": {
"product_data": [
{
"product_name": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T750/T765/T760/T770/T820/S8000/T8300/T9300",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Android13/Android14/Android15"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.unisoc.com/en_us/secy/announcementDetail/1919552952486395905",
"refsource": "MISC",
"name": "https://www.unisoc.com/en_us/secy/announcementDetail/1919552952486395905"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
]
}

17
2025/1xxx/CVE-2025-1121.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Privilege escalation in Installer and Recovery image handling in Google ChromeOS 123.0.6312.112 on device allows an attacker with physical access to gain root code execution and potentially unenroll enterprise-managed devices via a specially crafted recovery image."
"value": "Privilege escalation in Installer and Recovery image handling in Google ChromeOS version 15786.48.2 on device allows an attacker with physical access to gain root code \nexecution and potentially unenroll enterprise-managed devices via a specially crafted recovery image."
}
]
},
@ -21,7 +21,7 @@
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
"value": "Code execution and \nPrivilege Escalation"
}
]
}
@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "123.0.6312.112"
"version_affected": "<",
"version_name": "15786.48.2",
"version_value": "15786.48.2"
}
]
}
@ -57,10 +58,12 @@
"url": "https://issuetracker.google.com/issues/336153054",
"refsource": "MISC",
"name": "https://issuetracker.google.com/issues/336153054"
},
{
"url": "https://issues.chromium.org/issues/b/336153054",
"refsource": "MISC",
"name": "https://issues.chromium.org/issues/b/336153054"
}
]
},
"generator": {
"engine": "cveClient/1.0.15"
}
}

6
2025/1xxx/CVE-2025-1122.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and \nBypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process."
"value": "Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and \nBypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process."
}
]
},
@ -40,8 +40,8 @@
"version_data": [
{
"version_affected": "<",
"version_name": "122.0.6261.132",
"version_value": "122.0.6261.132"
"version_name": "15753.50.0",
"version_value": "15753.50.0"
}
]
}

7
2025/1xxx/CVE-2025-1566.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 129.0.6668.36 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions."
"value": "DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions."
}
]
},
@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "129.0.6668.36"
"version_affected": "<",
"version_name": "16002.23.0",
"version_value": "16002.23.0"
}
]
}

7
2025/1xxx/CVE-2025-1568.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Access Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 131.0.6778.268 allows an attacker with a registered Gerrit account to inject malicious code into ChromeOS projects and potentially achieve Remote Code Execution and Denial of Service via editing trusted pipelines by insufficient access controls and misconfigurations in Gerrit's project.config."
"value": "or other security impacts via manipulating IPSET_ATTR_CIDR Netlink attribute without proper bounds checking on the modified IP address in bitmap_ip_uadt"
}
]
},
@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "131.0.6778.268"
"version_affected": "<",
"version_name": "16063.87.0",
"version_value": "16063.87.0"
}
]
}

7
2025/1xxx/CVE-2025-1704.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 124.0.6367.34 on Chromebooks allows enrolled users with local access to unenroll devices \nand intercept device management requests via loading components from the unencrypted stateful partition."
"value": "ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 15823.23.0 on Chromebooks allows enrolled users with local access to unenroll devices \nand intercept device management requests via loading components from the unencrypted stateful partition."
}
]
},
@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "124.0.6367.34"
"version_affected": "<",
"version_name": "15823.23.0",
"version_value": "15823.23.0"
}
]
}

7
2025/2xxx/CVE-2025-2073.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "Out-of-Bounds Read in ip_set_bitmap_ip.c in Google ChromeOS Kernel Versions 6.1, 5.15, 5.10, 5.4, 4.19. on All devices where Termina is used allows an attacker with CAP_NET_ADMIN privileges to cause memory corruption and potentially escalate privileges via crafted ipset commands."
"value": "Out-of-Bounds Read in netfilter/ipset in Linux Kernel ChromeOS [6.1, 5.15, 5.10, 5.4, 4.19] allows a local attacker with low privileges to trigger an out-of-bounds read, potentially leading to information disclosure"
}
]
},
@ -39,8 +39,9 @@
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Kernal version 6.1"
"version_affected": "<",
"version_name": "Kernal version 6.1, 5.15. 5.10, 4.19\nchromeOS version 16093.103.0",
"version_value": "Kernal version 6.1, 5.15. 5.10, 4.19\nchromeOS version 16093.103.0"
}
]
}

76
2025/3xxx/CVE-2025-3609.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-3609",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all versions up to, and including, 2.1.2. This is due to the 'reales_user_signup_form' AJAX action not verifying if user registration is enabled, prior to registering a user. This makes it possible for unauthenticated attackers to create new user accounts, which can be leveraged with CVE-XX to achieve privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization",
"cweId": "CWE-863"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pixel_prime",
"product": {
"product_data": [
{
"product_name": "Reales WP STPT",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "2.1.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f9f3250f-39a1-4ba1-b9a2-222926635ca0?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f9f3250f-39a1-4ba1-b9a2-222926635ca0?source=cve"
},
{
"url": "https://themeforest.net/item/reales-wp-real-estate-wordpress-theme/10330568",
"refsource": "MISC",
"name": "https://themeforest.net/item/reales-wp-real-estate-wordpress-theme/10330568"
}
]
},
"credits": [
{
"lang": "en",
"value": "Friderika Baranyai"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
]
}

76
2025/3xxx/CVE-2025-3610.json
View File

@ -1,17 +1,85 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-3610",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@wordfence.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The Reales WP STPT plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 2.1.2. This is due to the plugin not properly validating a user's identity prior to updating their details like password. This makes it possible for authenticated attackers, with subscriber-level access and above, to change arbitrary user's passwords and email addresses, including administrators, and leverage that to gain access to their account. This can be combined with CVE-2025-3609 to achieve remote code execution as an originally unauthenticated user with no account."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-639 Authorization Bypass Through User-Controlled Key",
"cweId": "CWE-639"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "pixel_prime",
"product": {
"product_data": [
{
"product_name": "Reales WP STPT",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "*",
"version_value": "2.1.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/38c6b149-39d7-491a-9f3a-261087a52a03?source=cve",
"refsource": "MISC",
"name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/38c6b149-39d7-491a-9f3a-261087a52a03?source=cve"
},
{
"url": "https://themeforest.net/item/reales-wp-real-estate-wordpress-theme/10330568",
"refsource": "MISC",
"name": "https://themeforest.net/item/reales-wp-real-estate-wordpress-theme/10330568"
}
]
},
"credits": [
{
"lang": "en",
"value": "Friderika Baranyai"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
}
]
}

114
2025/4xxx/CVE-2025-4303.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4303",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as critical, has been found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /add-phlebotomist.php. The manipulation of the argument empid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Eine kritische Schwachstelle wurde in PHPGurukul Human Metapneumovirus Testing Management System 1.0 entdeckt. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei /add-phlebotomist.php. Dank der Manipulation des Arguments empid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection",
"cweId": "CWE-89"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Injection",
"cweId": "CWE-74"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PHPGurukul",
"product": {
"product_data": [
{
"product_name": "Human Metapneumovirus Testing Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.307406",
"refsource": "MISC",
"name": "https://vuldb.com/?id.307406"
},
{
"url": "https://vuldb.com/?ctiid.307406",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.307406"
},
{
"url": "https://vuldb.com/?submit.563706",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.563706"
},
{
"url": "https://github.com/eneover/myCVE/issues/1",
"refsource": "MISC",
"name": "https://github.com/eneover/myCVE/issues/1"
},
{
"url": "https://phpgurukul.com/",
"refsource": "MISC",
"name": "https://phpgurukul.com/"
}
]
},
"credits": [
{
"lang": "en",
"value": "zyyi (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

114
2025/4xxx/CVE-2025-4304.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4304",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as critical, was found in PHPGurukul Cyber Cafe Management System 1.0. This affects an unknown part of the file /adminprofile.php. The manipulation of the argument mobilenumber leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
},
{
"lang": "deu",
"value": "Es wurde eine kritische Schwachstelle in PHPGurukul Cyber Cafe Management System 1.0 gefunden. Es geht dabei um eine nicht klar definierte Funktion der Datei /adminprofile.php. Dank Manipulation des Arguments mobilenumber mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection",
"cweId": "CWE-89"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Injection",
"cweId": "CWE-74"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PHPGurukul",
"product": {
"product_data": [
{
"product_name": "Cyber Cafe Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.307407",
"refsource": "MISC",
"name": "https://vuldb.com/?id.307407"
},
{
"url": "https://vuldb.com/?ctiid.307407",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.307407"
},
{
"url": "https://vuldb.com/?submit.563723",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.563723"
},
{
"url": "https://github.com/3507998897/myCVE/issues/3",
"refsource": "MISC",
"name": "https://github.com/3507998897/myCVE/issues/3"
},
{
"url": "https://phpgurukul.com/",
"refsource": "MISC",
"name": "https://phpgurukul.com/"
}
]
},
"credits": [
{
"lang": "en",
"value": "wulg (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

145
2025/4xxx/CVE-2025-4305.json
View File

@ -1,17 +1,154 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4305",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been found in kefaming mayi up to 1.3.9 and classified as critical. This vulnerability affects the function Upload of the file app/tools/controller/File.php. The manipulation of the argument File leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "In kefaming mayi bis 1.3.9 wurde eine kritische Schwachstelle gefunden. Dabei geht es um die Funktion Upload der Datei app/tools/controller/File.php. Mit der Manipulation des Arguments File mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unrestricted Upload",
"cweId": "CWE-434"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Improper Access Controls",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "kefaming",
"product": {
"product_data": [
{
"product_name": "mayi",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.3.0"
},
{
"version_affected": "=",
"version_value": "1.3.1"
},
{
"version_affected": "=",
"version_value": "1.3.2"
},
{
"version_affected": "=",
"version_value": "1.3.3"
},
{
"version_affected": "=",
"version_value": "1.3.4"
},
{
"version_affected": "=",
"version_value": "1.3.5"
},
{
"version_affected": "=",
"version_value": "1.3.6"
},
{
"version_affected": "=",
"version_value": "1.3.7"
},
{
"version_affected": "=",
"version_value": "1.3.8"
},
{
"version_affected": "=",
"version_value": "1.3.9"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.307408",
"refsource": "MISC",
"name": "https://vuldb.com/?id.307408"
},
{
"url": "https://vuldb.com/?ctiid.307408",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.307408"
},
{
"url": "https://vuldb.com/?submit.563784",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.563784"
},
{
"url": "https://github.com/caigo8/CVE-md/blob/main/%E8%9A%82%E8%9A%81%E6%88%90%E7%BB%A9%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F/%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0RCE.md",
"refsource": "MISC",
"name": "https://github.com/caigo8/CVE-md/blob/main/%E8%9A%82%E8%9A%81%E6%88%90%E7%BB%A9%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F/%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0RCE.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "Caigo (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

18
2025/4xxx/CVE-2025-4374.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4374",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}