From 7969112fe0fd1d661bb7949b7a4109921ba14801 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 29 Jan 2025 12:00:57 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/12xxx/CVE-2024-12085.json | 68 ++++++++++++++++ 2024/13xxx/CVE-2024-13561.json | 86 +++++++++++++++++++- 2024/41xxx/CVE-2024-41140.json | 85 +++++++++++++++++++- 2024/54xxx/CVE-2024-54461.json | 61 +++++++++++++- 2024/54xxx/CVE-2024-54462.json | 61 +++++++++++++- 2024/55xxx/CVE-2024-55925.json | 4 +- 2024/55xxx/CVE-2024-55926.json | 4 +- 2024/55xxx/CVE-2024-55927.json | 4 +- 2024/55xxx/CVE-2024-55928.json | 4 +- 2024/55xxx/CVE-2024-55929.json | 4 +- 2024/55xxx/CVE-2024-55930.json | 4 +- 2024/55xxx/CVE-2024-55931.json | 4 +- 2025/0xxx/CVE-2025-0353.json | 141 ++++++++++++++++++++++++++++++++- 2025/0xxx/CVE-2025-0825.json | 18 +++++ 2025/24xxx/CVE-2025-24956.json | 18 +++++ 15 files changed, 532 insertions(+), 34 deletions(-) create mode 100644 2025/0xxx/CVE-2025-0825.json create mode 100644 2025/24xxx/CVE-2025-24956.json diff --git a/2024/12xxx/CVE-2024-12085.json b/2024/12xxx/CVE-2024-12085.json index 35b3ecd3b62..f3d4a06308e 100644 --- a/2024/12xxx/CVE-2024-12085.json +++ b/2024/12xxx/CVE-2024-12085.json @@ -77,6 +77,69 @@ ] } }, + { + "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:3.1.3-14.el8_6.6", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:3.1.3-14.el8_6.6", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, + { + "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "0:3.1.3-14.el8_6.6", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], + "defaultStatus": "affected" + } + } + ] + } + }, { "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "version": { @@ -265,6 +328,11 @@ "refsource": "MISC", "name": "https://access.redhat.com/errata/RHSA-2025:0787" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:0790", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2025:0790" + }, { "url": "https://access.redhat.com/security/cve/CVE-2024-12085", "refsource": "MISC", diff --git a/2024/13xxx/CVE-2024-13561.json b/2024/13xxx/CVE-2024-13561.json index 4932994b7b0..3ea5089eb52 100644 --- a/2024/13xxx/CVE-2024-13561.json +++ b/2024/13xxx/CVE-2024-13561.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-13561", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Target Video Easy Publish plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's brid_override_yt shortcode in all versions up to, and including, 3.8.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "sovica", + "product": { + "product_data": [ + { + "product_name": "Target Video Easy Publish", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "3.8.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cc67fbfa-d84c-45c3-bbb1-4557dc70a8c9?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/cc67fbfa-d84c-45c3-bbb1-4557dc70a8c9?source=cve" + }, + { + "url": "https://wordpress.org/plugins/brid-video-easy-publish/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/brid-video-easy-publish/#developers" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/brid-video-easy-publish/trunk/lib/BridShortcode.php#L412", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/brid-video-easy-publish/trunk/lib/BridShortcode.php#L412" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3226143/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3226143/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "SOPROBRO" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2024/41xxx/CVE-2024-41140.json b/2024/41xxx/CVE-2024-41140.json index b0b836db524..72c29369c32 100644 --- a/2024/41xxx/CVE-2024-41140.json +++ b/2024/41xxx/CVE-2024-41140.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-41140", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@manageengine.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Zohocorp ManageEngine Applications Manager versions\u00a0174000 and prior are vulnerable to the incorrect authorization in the update user function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-863 Incorrect Authorization", + "cweId": "CWE-863" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ManageEngine", + "product": { + "product_data": [ + { + "product_name": "Applications Manager", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "174000" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2024-41140.html", + "refsource": "MISC", + "name": "https://www.manageengine.com/products/applications_manager/security-updates/security-updates-cve-2024-41140.html" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "maneesh" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2024/54xxx/CVE-2024-54461.json b/2024/54xxx/CVE-2024-54461.json index 637ca596e6f..dbbef458e43 100644 --- a/2024/54xxx/CVE-2024-54461.json +++ b/2024/54xxx/CVE-2024-54461.json @@ -1,18 +1,71 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54461", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The file names constructed within file_selector are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select a document file from that provider while using your app and could potentially override internal files in your app cache. Issue patched in 0.5.1+12. It is recommended to update to the latest version of file_selector_android that contains the changes to address this vulnerability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-23", + "cweId": "CWE-23" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Flutter", + "product": { + "product_data": [ + { + "product_name": "file_selector_android", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0.5.1", + "version_value": "0.5.1+11" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/flutter/packages/security/advisories/GHSA-r465-vhm9-7r5h", + "refsource": "MISC", + "name": "https://github.com/flutter/packages/security/advisories/GHSA-r465-vhm9-7r5h" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2024/54xxx/CVE-2024-54462.json b/2024/54xxx/CVE-2024-54462.json index 4c452a97615..ccd0d2c8c67 100644 --- a/2024/54xxx/CVE-2024-54462.json +++ b/2024/54xxx/CVE-2024-54462.json @@ -1,18 +1,71 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-54462", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@google.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The file names constructed within image_picker are missing sanitization checks leaving them vulnerable to malicious document providers. This may result in cases where a user with a malicious document provider installed can select an image file from that provider while using your app and could potentially override internal files in your app cache. Issue patched in 0.8.12+18. It is recommended to update to the latest version of image_picker_android that contains the changes to address this vulnerability." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-23", + "cweId": "CWE-23" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Flutter", + "product": { + "product_data": [ + { + "product_name": "image_picker_android", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0.8.5+6", + "version_value": "0.8.12+17" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/flutter/packages/security/advisories/GHSA-98v2-f47x-89xw", + "refsource": "MISC", + "name": "https://github.com/flutter/packages/security/advisories/GHSA-98v2-f47x-89xw" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2024/55xxx/CVE-2024-55925.json b/2024/55xxx/CVE-2024-55925.json index e586a39fe53..62a6dbd0f3b 100644 --- a/2024/55xxx/CVE-2024-55925.json +++ b/2024/55xxx/CVE-2024-55925.json @@ -56,9 +56,9 @@ "references": { "reference_data": [ { - "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf", + "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf", "refsource": "MISC", - "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf" + "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf" } ] }, diff --git a/2024/55xxx/CVE-2024-55926.json b/2024/55xxx/CVE-2024-55926.json index d1f1535c4e9..ff5d78e235a 100644 --- a/2024/55xxx/CVE-2024-55926.json +++ b/2024/55xxx/CVE-2024-55926.json @@ -65,9 +65,9 @@ "references": { "reference_data": [ { - "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf", + "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf", "refsource": "MISC", - "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf" + "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf" } ] }, diff --git a/2024/55xxx/CVE-2024-55927.json b/2024/55xxx/CVE-2024-55927.json index fbb9593d8fa..1c556d6a977 100644 --- a/2024/55xxx/CVE-2024-55927.json +++ b/2024/55xxx/CVE-2024-55927.json @@ -56,9 +56,9 @@ "references": { "reference_data": [ { - "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf", + "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf", "refsource": "MISC", - "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf" + "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf" } ] }, diff --git a/2024/55xxx/CVE-2024-55928.json b/2024/55xxx/CVE-2024-55928.json index 95abc5bf1b5..5009934b20f 100644 --- a/2024/55xxx/CVE-2024-55928.json +++ b/2024/55xxx/CVE-2024-55928.json @@ -56,9 +56,9 @@ "references": { "reference_data": [ { - "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf", + "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf", "refsource": "MISC", - "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf" + "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf" } ] }, diff --git a/2024/55xxx/CVE-2024-55929.json b/2024/55xxx/CVE-2024-55929.json index 40280a3bf5e..2d2adaaed77 100644 --- a/2024/55xxx/CVE-2024-55929.json +++ b/2024/55xxx/CVE-2024-55929.json @@ -56,9 +56,9 @@ "references": { "reference_data": [ { - "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf", + "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf", "refsource": "MISC", - "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf" + "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf" } ] }, diff --git a/2024/55xxx/CVE-2024-55930.json b/2024/55xxx/CVE-2024-55930.json index 8076c98d008..68e44c1dbcc 100644 --- a/2024/55xxx/CVE-2024-55930.json +++ b/2024/55xxx/CVE-2024-55930.json @@ -56,9 +56,9 @@ "references": { "reference_data": [ { - "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf", + "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf", "refsource": "MISC", - "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf" + "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf" } ] }, diff --git a/2024/55xxx/CVE-2024-55931.json b/2024/55xxx/CVE-2024-55931.json index b7dbedf7775..44e6d9f3c2e 100644 --- a/2024/55xxx/CVE-2024-55931.json +++ b/2024/55xxx/CVE-2024-55931.json @@ -56,9 +56,9 @@ "references": { "reference_data": [ { - "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf", + "url": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf", "refsource": "MISC", - "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-Workplace-Suite%C2%AE.pdf" + "name": "https://securitydocs.business.xerox.com/wp-content/uploads/2025/01/Xerox-Security-Bulletin-XRX25-002-for-Xerox%C2%AE-WorkplaceSuite%C2%AE.pdf" } ] }, diff --git a/2025/0xxx/CVE-2025-0353.json b/2025/0xxx/CVE-2025-0353.json index f8f28fba060..5b558fd3dc3 100644 --- a/2025/0xxx/CVE-2025-0353.json +++ b/2025/0xxx/CVE-2025-0353.json @@ -1,17 +1,150 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-0353", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Divi Torque Lite \u2013 Best Divi Addon, Extensions, Modules & Social Modules plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several widgets in all versions up to, and including, 4.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "badhonrocks", + "product": { + "product_data": [ + { + "product_name": "Divi Torque Lite", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "4.1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d5810757-1866-4788-809f-2c68e16a5156?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/d5810757-1866-4788-809f-2c68e16a5156?source=cve" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/VideoModal/VideoModal.php#L593", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/VideoModal/VideoModal.php#L593" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/ImageCarouselChild/ImageCarouselChild.php#L507", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/ImageCarouselChild/ImageCarouselChild.php#L507" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/ScrollImage/ScrollImage.php#L388", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/ScrollImage/ScrollImage.php#L388" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/LogoGridChild/LogoGridChild.php#L193", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/LogoGridChild/LogoGridChild.php#L193" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/LogoCarouselChild/LogoCarouselChild.php#L177", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/LogoCarouselChild/LogoCarouselChild.php#L177" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/InfoBox/InfoBox.php#L852", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/InfoBox/InfoBox.php#L852" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/InfoCard/InfoCard.php#L688", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/InfoCard/InfoCard.php#L688" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/InlineNotice/InlineNotice.php#L486", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/InlineNotice/InlineNotice.php#L486" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/Review/Review.php#L703", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/Review/Review.php#L703" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/FlipBox/FlipBox.php#L1053", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/FlipBox/FlipBox.php#L1053" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/Testimonial/Testimonial.php#L1147", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/Testimonial/Testimonial.php#L1147" + }, + { + "url": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/GradientHeading/GradientHeading.php#L344", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/browser/addons-for-divi/trunk/includes/modules/divi-4/GradientHeading/GradientHeading.php#L344" + }, + { + "url": "https://wordpress.org/plugins/addons-for-divi/#developers", + "refsource": "MISC", + "name": "https://wordpress.org/plugins/addons-for-divi/#developers" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3230743/", + "refsource": "MISC", + "name": "https://plugins.trac.wordpress.org/changeset/3230743/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Craig Smith" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 6.4, + "baseSeverity": "MEDIUM" } ] } diff --git a/2025/0xxx/CVE-2025-0825.json b/2025/0xxx/CVE-2025-0825.json new file mode 100644 index 00000000000..26df1931fe0 --- /dev/null +++ b/2025/0xxx/CVE-2025-0825.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-0825", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/24xxx/CVE-2025-24956.json b/2025/24xxx/CVE-2025-24956.json new file mode 100644 index 00000000000..a04e16ee7ac --- /dev/null +++ b/2025/24xxx/CVE-2025-24956.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-24956", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file