"-Synchronized-Data."

CVE Team 2025-05-17 17:00:36 +00:00
parent e79cad4e03
commit 720265d724
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
2 changed files with 219 additions and 8 deletions


@ -1,17 +1,100 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-33103",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 product IBM TCP/IP Connectivity Utilities for i contains a privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-250 Execution with Unnecessary Privileges",
"cweId": "CWE-250"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "i",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "7.2, 7.3, 7.4, 7.5, 7.6"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/7233799",
"refsource": "MISC",
"name": "https://www.ibm.com/support/pages/node/7233799"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The issue can be addressed by applying a PTF to IBM i. IBM i release 7.6, 7.5, 7.4, 7.3, 7.2 will be fixed.<br>The IBM i 5770-TC1 PTF numbers listed below resolve the vulnerability.<br><br>IBM i Release 5770-TC1<br>PTF Number PTF Download Link<br>7.6 SJ05513 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05513\">https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05513</a><br>7.5 SJ05494 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05494\">https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05494</a><br>7.4 SJ05505 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05505\">https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05505</a><br>7.3 SJ05514 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05514\">https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05514</a><br>7.2 SJ05525 <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05525\">https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05525</a><br>"
}
],
"value": "The issue can be addressed by applying a PTF to IBM i. IBM i release 7.6, 7.5, 7.4, 7.3, 7.2 will be fixed.\nThe IBM i 5770-TC1 PTF numbers listed below resolve the vulnerability.\n\nIBM i Release 5770-TC1\nPTF Number PTF Download Link\n7.6 SJ05513 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05513 \n7.5 SJ05494 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05494 \n7.4 SJ05505 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05505 \n7.3 SJ05514 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05514 \n7.2 SJ05525 https://www.ibm.com/mysupport/s/fix-information?legacy=SJ05525"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
]
}
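Review bot: `version_value` under `affects` packs five releases into one string (`"7.2, 7.3, 7.4, 7.5, 7.6"`) with `"version_affected": "="`, so a scanner that does an exact match against a single release such as 7.4 will not match this record. One `version_data` entry per release, e.g. `{ "version_affected": "=", "version_value": "7.4" }`, would keep the field machine-comparable. The description speaks of an actor with command line access to the host, while the vector is `AV:N/AC:H`; if that is intended it deserves a word in the description, since triage rules keyed on attack vector will treat this as network-reachable. The language tag is also inconsistent (`"eng"` in `description_data`, `"en"` in `solution`), and the CVE-2025-4831 section has the same mix between `description_data` and `credits`.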


@ -1,17 +1,145 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4831",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formSiteSurveyProfile of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Es wurde eine kritische Schwachstelle in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615 gefunden. Es geht dabei um eine nicht klar definierte Funktion der Datei /boafrm/formSiteSurveyProfile der Komponente HTTP POST Request Handler. Durch Beeinflussen des Arguments submit-url mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overflow",
"cweId": "CWE-120"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "TOTOLINK",
"product": {
"product_data": [
{
"product_name": "A702R",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0-B20230809.1615"
}
]
}
},
{
"product_name": "A3002R",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0-B20230809.1615"
}
]
}
},
{
"product_name": "A3002RU",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.0.0-B20230809.1615"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.309297",
"refsource": "MISC",
"name": "https://vuldb.com/?id.309297"
},
{
"url": "https://vuldb.com/?ctiid.309297",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.309297"
},
{
"url": "https://vuldb.com/?submit.574604",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.574604"
},
{
"url": "https://github.com/CH13hh/tmp_store_cc/blob/main/toto/9.md",
"refsource": "MISC",
"name": "https://github.com/CH13hh/tmp_store_cc/blob/main/toto/9.md"
},
{
"url": "https://www.totolink.net/",
"refsource": "MISC",
"name": "https://www.totolink.net/"
}
]
},
"credits": [
{
"lang": "en",
"value": "BabyShark (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 8.8,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 8.8,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C"
}
]
}
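Review bot: The English text in `description_data` says the issue was "classified as critical", but both CVSS 3.x entries in `impact.cvss` carry `"baseSeverity": "HIGH"` at 8.8, so anything that derives severity from the prose will disagree with anything that reads the score. Dropping the rating word from the description, or stating whose scale it refers to, would remove the mismatch. As a point of style in the same block, the 2.0 entry writes `"baseScore": 9` where the others use one decimal; `"baseScore": 9.0` keeps the field's shape uniform for typed consumers.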