admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-03-01 02:00:33 +00:00
parent 5d84b33805
commit 5d7d673e09
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
9 changed files with 314 additions and 279 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2025/1xxx/CVE-2025-1805.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1805",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

145
2025/23xxx/CVE-2025-23087.json
View File

@ -5,154 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2025-23087",
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** This CVE has been issued to inform users that they are using End-of-Life (EOL) versions of Node.js. These versions are no longer supported and do not receive updates, including security patches. The continued use of EOL versions may expose systems to potential security risks due to unaddressed software vulnerabilities or dependencies (CWE-1104: Use of Unmaintained Third-Party Components).\r\nNOTE: use of the CVE List to report that a product is unsupported, without reference to a specific defect, is novel and the CVE Program is actively assessing both the validity and potential value of this approach.\r\n\r\nUsers are advised to upgrade to actively supported versions of Node.js to ensure continued security updates and support."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "nodejs",
"product": {
"product_data": [
{
"product_name": "node",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "17.9.1",
"version_value": "17.9.1"
},
{
"version_affected": "<=",
"version_name": "16.20.2",
"version_value": "16.20.2"
},
{
"version_affected": "<=",
"version_name": "15.14.0",
"version_value": "15.14.0"
},
{
"version_affected": "<=",
"version_name": "14.21.3",
"version_value": "14.21.3"
},
{
"version_affected": "<=",
"version_name": "13.14.0",
"version_value": "13.14.0"
},
{
"version_affected": "<=",
"version_name": "12.22.12",
"version_value": "12.22.12"
},
{
"version_affected": "<=",
"version_name": "11.15.0",
"version_value": "11.15.0"
},
{
"version_affected": "<=",
"version_name": "10.24.1",
"version_value": "10.24.1"
},
{
"version_affected": "<=",
"version_name": "9.11.2",
"version_value": "9.11.2"
},
{
"version_affected": "<=",
"version_name": "8.17.0",
"version_value": "8.17.0"
},
{
"version_affected": "<=",
"version_name": "7.10.1",
"version_value": "7.10.1"
},
{
"version_affected": "<=",
"version_name": "6.17.1",
"version_value": "6.17.1"
},
{
"version_affected": "<=",
"version_name": "5.12.0",
"version_value": "5.12.0"
},
{
"version_affected": "<=",
"version_name": "4.9.1",
"version_value": "4.9.1"
},
{
"version_affected": "<=",
"version_name": "3.3.1",
"version_value": "3.3.1"
},
{
"version_affected": "<=",
"version_name": "2.13.2",
"version_value": "2.13.2"
},
{
"version_affected": "<=",
"version_name": "1.8.4",
"version_value": "1.8.4"
},
{
"version_affected": "<=",
"version_name": "0.12.18",
"version_value": "0.12.18"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://nodejs.org/en/blog/vulnerability/january-2025-security-releases",
"refsource": "MISC",
"name": "https://nodejs.org/en/blog/vulnerability/january-2025-security-releases"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
"value": "** REJECT ** This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities"
}
]
}

60
2025/23xxx/CVE-2025-23088.json
View File

@ -5,69 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2025-23088",
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** NOTE: use of the CVE List to report that a product is unsupported, without reference to a specific defect, is novel and the CVE Program is actively assessing both the validity and potential value of this approach.\r\n\r\nThis CVE has been issued to inform users that they are using End-of-Life (EOL) versions of Node.js. These versions are no longer supported and do not receive updates, including security patches. The continued use of EOL versions may expose systems to potential security risks due to unaddressed software vulnerabilities or dependencies (CWE-1104: Use of Unmaintained Third-Party Components).\r\n\r\nUsers are advised to upgrade to actively supported versions of Node.js to ensure continued security updates and support."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "nodejs",
"product": {
"product_data": [
{
"product_name": "node",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "19.9.0",
"version_value": "19.9.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://nodejs.org/en/blog/vulnerability/january-2025-security-releases",
"refsource": "MISC",
"name": "https://nodejs.org/en/blog/vulnerability/january-2025-security-releases"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
"value": "** REJECT ** This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities"
}
]
}

60
2025/23xxx/CVE-2025-23089.json
View File

@ -5,69 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2025-23089",
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** DISPUTED ** NOTE: use of the CVE List to report that a product is unsupported, without reference to a specific defect, is novel and the CVE Program is actively assessing both the validity and potential value of this approach.\r\n\r\nThis CVE has been issued to inform users that they are using End-of-Life (EOL) versions of Node.js. These versions are no longer supported and do not receive updates, including security patches. The continued use of EOL versions may expose systems to potential security risks due to unaddressed software vulnerabilities or dependencies (CWE-1104: Use of Unmaintained Third-Party Components).\r\n\r\nUsers are advised to upgrade to actively supported versions of Node.js to ensure continued security updates and support."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "nodejs",
"product": {
"product_data": [
{
"product_name": "node",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "21.7.3",
"version_value": "21.7.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://nodejs.org/en/blog/vulnerability/january-2025-security-releases",
"refsource": "MISC",
"name": "https://nodejs.org/en/blog/vulnerability/january-2025-security-releases"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH"
"value": "** REJECT ** This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities"
}
]
}

64
2025/23xxx/CVE-2025-23115.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-23115",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A Use After Free vulnerability on UniFi Protect Cameras could allow a Remote Code Execution (RCE) by a malicious actor with access to UniFi Protect Cameras management network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ubiquiti Inc",
"product": {
"product_data": [
{
"product_name": "UniFi Protect Cameras",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.74.106",
"version_value": "4.74.106"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f",
"refsource": "MISC",
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9,
"baseSeverity": "CRITICAL"
}
]
}

64
2025/23xxx/CVE-2025-23116.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-23116",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Authentication Bypass vulnerability on UniFi Protect Application with Auto-Adopt Bridge Devices enabled could allow a malicious actor with access to UniFi Protect Cameras adjacent network to take control of UniFi Protect Cameras."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ubiquiti Inc",
"product": {
"product_data": [
{
"product_name": "UniFi Protect Application",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.2.49",
"version_value": "5.2.49"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f",
"refsource": "MISC",
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"baseScore": 9.6,
"baseSeverity": "CRITICAL"
}
]
}

54
2025/23xxx/CVE-2025-23117.json
View File

@ -1,17 +1,63 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-23117",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Insufficient Firmware Update Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ubiquiti Inc",
"product": {
"product_data": [
{
"product_name": "UniFi Protect Cameras",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.74.106",
"version_value": "4.74.106"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f",
"refsource": "MISC",
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f"
}
]
}

64
2025/23xxx/CVE-2025-23118.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-23118",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Certificate Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ubiquiti Inc",
"product": {
"product_data": [
{
"product_name": "UniFi Protect Cameras",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.74.106",
"version_value": "4.74.106"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f",
"refsource": "MISC",
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.4,
"baseSeverity": "MEDIUM"
}
]
}

64
2025/23xxx/CVE-2025-23119.json
View File

@ -1,17 +1,73 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-23119",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An Improper Neutralization of Escape Sequences vulnerability could allow an Authentication Bypass with a Remote Code Execution (RCE) by a malicious actor with access to UniFi Protect Cameras adjacent network."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Ubiquiti Inc",
"product": {
"product_data": [
{
"product_name": "UniFi Protect Cameras",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.74.106",
"version_value": "4.74.106"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f",
"refsource": "MISC",
"name": "https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH"
}
]
}