From b16b95bd21eec59ff1c0d4ff6774d6013a7585d7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 4 Apr 2025 14:00:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/51xxx/CVE-2024-51800.json | 113 +++++++++++++++++++++++++++++++-- 2025/22xxx/CVE-2025-22281.json | 85 +++++++++++++++++++++++-- 2025/22xxx/CVE-2025-22285.json | 113 +++++++++++++++++++++++++++++++-- 2025/28xxx/CVE-2025-28146.json | 56 ++++++++++++++-- 2025/2xxx/CVE-2025-2786.json | 24 ++++++- 2025/2xxx/CVE-2025-2798.json | 81 +++++++++++++++++++++-- 2025/2xxx/CVE-2025-2842.json | 24 ++++++- 2025/31xxx/CVE-2025-31381.json | 85 +++++++++++++++++++++++-- 2025/31xxx/CVE-2025-31384.json | 85 +++++++++++++++++++++++-- 2025/31xxx/CVE-2025-31389.json | 85 +++++++++++++++++++++++-- 2025/31xxx/CVE-2025-31403.json | 85 +++++++++++++++++++++++-- 2025/31xxx/CVE-2025-31405.json | 85 +++++++++++++++++++++++-- 2025/31xxx/CVE-2025-31407.json | 85 +++++++++++++++++++++++-- 2025/31xxx/CVE-2025-31416.json | 113 +++++++++++++++++++++++++++++++-- 2025/31xxx/CVE-2025-31418.json | 85 +++++++++++++++++++++++-- 2025/31xxx/CVE-2025-31420.json | 113 +++++++++++++++++++++++++++++++-- 2025/3xxx/CVE-2025-3265.json | 18 ++++++ 2025/3xxx/CVE-2025-3266.json | 18 ++++++ 2025/3xxx/CVE-2025-3267.json | 18 ++++++ 2025/3xxx/CVE-2025-3268.json | 18 ++++++ 2025/3xxx/CVE-2025-3269.json | 18 ++++++ 2025/3xxx/CVE-2025-3270.json | 18 ++++++ 2025/3xxx/CVE-2025-3271.json | 18 ++++++ 2025/3xxx/CVE-2025-3272.json | 18 ++++++ 2025/3xxx/CVE-2025-3273.json | 18 ++++++ 2025/3xxx/CVE-2025-3274.json | 18 ++++++ 2025/3xxx/CVE-2025-3275.json | 18 ++++++ 27 files changed, 1453 insertions(+), 62 deletions(-) create mode 100644 2025/3xxx/CVE-2025-3265.json create mode 100644 2025/3xxx/CVE-2025-3266.json create mode 100644 2025/3xxx/CVE-2025-3267.json create mode 100644 2025/3xxx/CVE-2025-3268.json create mode 100644 2025/3xxx/CVE-2025-3269.json create mode 100644 2025/3xxx/CVE-2025-3270.json create mode 100644 2025/3xxx/CVE-2025-3271.json create mode 100644 2025/3xxx/CVE-2025-3272.json create mode 100644 2025/3xxx/CVE-2025-3273.json create mode 100644 2025/3xxx/CVE-2025-3274.json create mode 100644 2025/3xxx/CVE-2025-3275.json diff --git a/2024/51xxx/CVE-2024-51800.json b/2024/51xxx/CVE-2024-51800.json index 740ef6dd908..3eee625db88 100644 --- a/2024/51xxx/CVE-2024-51800.json +++ b/2024/51xxx/CVE-2024-51800.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-51800", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect Privilege Assignment vulnerability in Favethemes Homey allows Privilege Escalation.This issue affects Homey: from n/a through 2.4.1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-266 Incorrect Privilege Assignment", + "cweId": "CWE-266" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Favethemes", + "product": { + "product_data": [ + { + "product_name": "Homey", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "2.4.2", + "status": "unaffected" + } + ], + "lessThanOrEqual": "2.4.1", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/theme/homey/vulnerability/wordpress-homey-theme-2-4-1-privilege-escalation-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/theme/homey/vulnerability/wordpress-homey-theme-2-4-1-privilege-escalation-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update to 2.4.2 or a higher version." + } + ], + "value": "Update to\u00a02.4.2 or a higher version." + } + ], + "credits": [ + { + "lang": "en", + "value": "Ayoub Nouri (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2025/22xxx/CVE-2025-22281.json b/2025/22xxx/CVE-2025-22281.json index 3e0fde90b8b..5f3d2bdef71 100644 --- a/2025/22xxx/CVE-2025-22281.json +++ b/2025/22xxx/CVE-2025-22281.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-22281", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in joshix Simplish allows Stored XSS.This issue affects Simplish: from n/a through 2.6.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "joshix", + "product": { + "product_data": [ + { + "product_name": "Simplish", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "2.6.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/theme/simplish/vulnerability/wordpress-simplish-theme-2-6-4-stored-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/theme/simplish/vulnerability/wordpress-simplish-theme-2-6-4-stored-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "stealthcopter (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2025/22xxx/CVE-2025-22285.json b/2025/22xxx/CVE-2025-22285.json index 9f7e2a51983..d0096fea60b 100644 --- a/2025/22xxx/CVE-2025-22285.json +++ b/2025/22xxx/CVE-2025-22285.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-22285", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Missing Authorization vulnerability in Eniture Technology Pallet Packaging for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pallet Packaging for WooCommerce: from n/a through 1.1.15." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Eniture Technology", + "product": { + "product_data": [ + { + "product_name": "Pallet Packaging for WooCommerce", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "1.1.16", + "status": "unaffected" + } + ], + "lessThanOrEqual": "1.1.15", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/pallet-packaging-for-woocommerce/vulnerability/wordpress-pallet-packaging-for-woocommerce-plugin-1-1-15-broken-access-control-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/pallet-packaging-for-woocommerce/vulnerability/wordpress-pallet-packaging-for-woocommerce-plugin-1-1-15-broken-access-control-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress Pallet Packaging for WooCommerce wordpress plugin to the latest available version (at least 1.1.16)." + } + ], + "value": "Update the WordPress Pallet Packaging for WooCommerce wordpress plugin to the latest available version (at least 1.1.16)." + } + ], + "credits": [ + { + "lang": "en", + "value": "LVT-tholv2k (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "version": "3.1" } ] } diff --git a/2025/28xxx/CVE-2025-28146.json b/2025/28xxx/CVE-2025-28146.json index cf33c459499..d2a89cf386e 100644 --- a/2025/28xxx/CVE-2025-28146.json +++ b/2025/28xxx/CVE-2025-28146.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-28146", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-28146", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via fota_url in /boafrm/formLtefotaUpgradeQuectel" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/regainer27/edimax-br-6478ac_v3-br-6478ac_v3_1.0.15/tree/main/3", + "refsource": "MISC", + "name": "https://github.com/regainer27/edimax-br-6478ac_v3-br-6478ac_v3_1.0.15/tree/main/3" } ] } diff --git a/2025/2xxx/CVE-2025-2786.json b/2025/2xxx/CVE-2025-2786.json index 530c9affd44..1e04e39bbcc 100644 --- a/2025/2xxx/CVE-2025-2786.json +++ b/2025/2xxx/CVE-2025-2786.json @@ -36,15 +36,30 @@ "product": { "product_data": [ { - "product_name": "Red Hat OpenShift distributed tracing 3", + "product_name": "Red Hat OpenShift distributed tracing 3.5.1", "version": { "version_data": [ { "version_value": "not down converted", "x_cve_json_5_version_data": { + "versions": [ + { + "version": "sha256:cbe0df797c34aebfec911c281fbfee9fe7713a4c45d778ae480cd6a7bcab202e", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], "defaultStatus": "affected" } - }, + } + ] + } + }, + { + "product_name": "Red Hat OpenShift distributed tracing 3", + "version": { + "version_data": [ { "version_value": "not down converted", "x_cve_json_5_version_data": { @@ -86,6 +101,11 @@ }, "references": { "reference_data": [ + { + "url": "https://access.redhat.com/errata/RHSA-2025:3607", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2025:3607" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-2786", "refsource": "MISC", diff --git a/2025/2xxx/CVE-2025-2798.json b/2025/2xxx/CVE-2025-2798.json index d54289ed81d..650ce0085be 100644 --- a/2025/2xxx/CVE-2025-2798.json +++ b/2025/2xxx/CVE-2025-2798.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-2798", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@wordfence.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Woffice CRM theme for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.4.21. This is due to a misconfiguration of excluded roles during registration. This makes it possible for unauthenticated attackers to register with an Administrator role if a custom login form is being used. This can be combined with CVE-2025-2797 to bypass the user approval process if an Administrator can be tricked into taking an action such as clicking a link." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-269 Improper Privilege Management", + "cweId": "CWE-269" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "XTENDIFY", + "product": { + "product_data": [ + { + "product_name": "Woffice CRM", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "*", + "version_value": "5.4.21" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dd6169b-bc94-4642-8975-2e96bc01576f?source=cve", + "refsource": "MISC", + "name": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6dd6169b-bc94-4642-8975-2e96bc01576f?source=cve" + }, + { + "url": "http://localhost/wp-content/themes/woffice/inc/classes/Woffice_Register.php#L405", + "refsource": "MISC", + "name": "http://localhost/wp-content/themes/woffice/inc/classes/Woffice_Register.php#L405" + }, + { + "url": "https://hub.woffice.io/woffice/changelog#april-1st-2025-version-5422", + "refsource": "MISC", + "name": "https://hub.woffice.io/woffice/changelog#april-1st-2025-version-5422" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Friderika Baranyai" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL" } ] } diff --git a/2025/2xxx/CVE-2025-2842.json b/2025/2xxx/CVE-2025-2842.json index b1c96ee16d5..fbdabbfca3f 100644 --- a/2025/2xxx/CVE-2025-2842.json +++ b/2025/2xxx/CVE-2025-2842.json @@ -36,15 +36,30 @@ "product": { "product_data": [ { - "product_name": "Red Hat OpenShift distributed tracing 3", + "product_name": "Red Hat OpenShift distributed tracing 3.5.1", "version": { "version_data": [ { "version_value": "not down converted", "x_cve_json_5_version_data": { + "versions": [ + { + "version": "sha256:cbe0df797c34aebfec911c281fbfee9fe7713a4c45d778ae480cd6a7bcab202e", + "lessThan": "*", + "versionType": "rpm", + "status": "unaffected" + } + ], "defaultStatus": "affected" } - }, + } + ] + } + }, + { + "product_name": "Red Hat OpenShift distributed tracing 3", + "version": { + "version_data": [ { "version_value": "not down converted", "x_cve_json_5_version_data": { @@ -86,6 +101,11 @@ }, "references": { "reference_data": [ + { + "url": "https://access.redhat.com/errata/RHSA-2025:3607", + "refsource": "MISC", + "name": "https://access.redhat.com/errata/RHSA-2025:3607" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-2842", "refsource": "MISC", diff --git a/2025/31xxx/CVE-2025-31381.json b/2025/31xxx/CVE-2025-31381.json index 7ca88147252..67253044a65 100644 --- a/2025/31xxx/CVE-2025-31381.json +++ b/2025/31xxx/CVE-2025-31381.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-31381", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Missing Authorization vulnerability in shiptrack Booking Calendar and Notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booking Calendar and Notification: from n/a through 4.0.3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862 Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Shiptrack", + "product": { + "product_data": [ + { + "product_name": "Booking Calendar and Notification", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "4.0.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/booking-calendar-and-notification/vulnerability/wordpress-booking-calendar-and-notification-plugin-4-0-3-broken-authentication-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/booking-calendar-and-notification/vulnerability/wordpress-booking-calendar-and-notification-plugin-4-0-3-broken-authentication-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Pham Van Tam (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "version": "3.1" } ] } diff --git a/2025/31xxx/CVE-2025-31384.json b/2025/31xxx/CVE-2025-31384.json index 594498dcf4a..c367241d871 100644 --- a/2025/31xxx/CVE-2025-31384.json +++ b/2025/31xxx/CVE-2025-31384.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-31384", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Aviplugins Videos allows Reflected XSS.This issue affects Videos: from n/a through 1.0.5." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", + "cweId": "CWE-80" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Aviplugins", + "product": { + "product_data": [ + { + "product_name": "Videos", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.0.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/videos/vulnerability/wordpress-videos-plugin-1-0-5-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/videos/vulnerability/wordpress-videos-plugin-1-0-5-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "0xd4rk5id3 (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2025/31xxx/CVE-2025-31389.json b/2025/31xxx/CVE-2025-31389.json index 4e94797ad88..610c10d0a76 100644 --- a/2025/31xxx/CVE-2025-31389.json +++ b/2025/31xxx/CVE-2025-31389.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-31389", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sequel.Io Sequel allows Reflected XSS.This issue affects Sequel: from n/a through 1.0.11." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "sequel.io", + "product": { + "product_data": [ + { + "product_name": "Sequel", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.0.11" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/sequel/vulnerability/wordpress-sequel-plugin-1-0-11-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/sequel/vulnerability/wordpress-sequel-plugin-1-0-11-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "luc (Patchstack)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2025/31xxx/CVE-2025-31403.json b/2025/31xxx/CVE-2025-31403.json index 7533502265d..6d6b49e7b59 100644 --- a/2025/31xxx/CVE-2025-31403.json +++ b/2025/31xxx/CVE-2025-31403.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-31403", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shiptrack Booking Calendar and Notification allows Blind SQL Injection.This issue affects Booking Calendar and Notification: from n/a through 4.0.3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "shiptrack", + "product": { + "product_data": [ + { + "product_name": "Booking Calendar and Notification", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "4.0.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/booking-calendar-and-notification/vulnerability/wordpress-booking-calendar-and-notification-plugin-4-0-3-sql-injection-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/booking-calendar-and-notification/vulnerability/wordpress-booking-calendar-and-notification-plugin-4-0-3-sql-injection-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Pham Van Tam (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "version": "3.1" } ] } diff --git a/2025/31xxx/CVE-2025-31405.json b/2025/31xxx/CVE-2025-31405.json index a9a13cfe78e..3d8bc7eb2fb 100644 --- a/2025/31xxx/CVE-2025-31405.json +++ b/2025/31xxx/CVE-2025-31405.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-31405", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in zankover Fami WooCommerce Compare allows PHP Local File Inclusion.This issue affects Fami WooCommerce Compare: from n/a through 1.0.5." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", + "cweId": "CWE-98" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "zankover", + "product": { + "product_data": [ + { + "product_name": "Fami WooCommerce Compare", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.0.5" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/fami-woocommerce-compare/vulnerability/wordpress-fami-woocommerce-compare-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/fami-woocommerce-compare/vulnerability/wordpress-fami-woocommerce-compare-plugin-1-0-5-local-file-inclusion-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Dimas Maulana (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2025/31xxx/CVE-2025-31407.json b/2025/31xxx/CVE-2025-31407.json index b0268dd69a4..aa600f643e1 100644 --- a/2025/31xxx/CVE-2025-31407.json +++ b/2025/31xxx/CVE-2025-31407.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-31407", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hutsixdigital Tiger allows Stored XSS.This issue affects Tiger: from n/a through 2.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "hutsixdigital", + "product": { + "product_data": [ + { + "product_name": "Tiger", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "2.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/theme/tiger/vulnerability/wordpress-tiger-theme-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/theme/tiger/vulnerability/wordpress-tiger-theme-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Mika (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2025/31xxx/CVE-2025-31416.json b/2025/31xxx/CVE-2025-31416.json index 155f00aae02..17b623a4192 100644 --- a/2025/31xxx/CVE-2025-31416.json +++ b/2025/31xxx/CVE-2025-31416.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-31416", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AwesomeTOGI Awesome Event Booking allows Reflected XSS.This issue affects Awesome Event Booking: from n/a through 2.8.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "AwesomeTOGI", + "product": { + "product_data": [ + { + "product_name": "Awesome Event Booking", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "2.8.5", + "status": "unaffected" + } + ], + "lessThanOrEqual": "2.8.4", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/awesome-event-booking/vulnerability/wordpress-awesome-event-booking-plugin-2-8-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/awesome-event-booking/vulnerability/wordpress-awesome-event-booking-plugin-2-8-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress Awesome Event Booking plugin to the latest available version (at least 2.8.5)." + } + ], + "value": "Update the WordPress Awesome Event Booking plugin to the latest available version (at least 2.8.5)." + } + ], + "credits": [ + { + "lang": "en", + "value": "0xd4rk5id3 (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2025/31xxx/CVE-2025-31418.json b/2025/31xxx/CVE-2025-31418.json index fa1235d8ec7..e15cd65dfc5 100644 --- a/2025/31xxx/CVE-2025-31418.json +++ b/2025/31xxx/CVE-2025-31418.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-31418", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in noonnoo Gravel allows Reflected XSS.This issue affects Gravel: from n/a through 1.6." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "noonnoo", + "product": { + "product_data": [ + { + "product_name": "Gravel", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "n/a", + "version_value": "1.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/theme/gravel/vulnerability/wordpress-gravel-theme-1-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/theme/gravel/vulnerability/wordpress-gravel-theme-1-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Mika (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2025/31xxx/CVE-2025-31420.json b/2025/31xxx/CVE-2025-31420.json index 183f2bb98a7..1ed77247965 100644 --- a/2025/31xxx/CVE-2025-31420.json +++ b/2025/31xxx/CVE-2025-31420.json @@ -1,17 +1,122 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-31420", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "audit@patchstack.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum allows Privilege Escalation.This issue affects wpForo Forum: from n/a through 2.4.2." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-266 Incorrect Privilege Assignment", + "cweId": "CWE-266" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Tomdever", + "product": { + "product_data": [ + { + "product_name": "wpForo Forum", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "changes": [ + { + "at": "2.4.4", + "status": "unaffected" + } + ], + "lessThanOrEqual": "2.4.2", + "status": "affected", + "version": "n/a", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wpforo/vulnerability/wordpress-wpforo-forum-plugin-2-4-2-privilege-escalation-vulnerability?_s_id=cve", + "refsource": "MISC", + "name": "https://patchstack.com/database/wordpress/plugin/wpforo/vulnerability/wordpress-wpforo-forum-plugin-2-4-2-privilege-escalation-vulnerability?_s_id=cve" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Update the WordPress wpForo Forum plugin to the latest available version (at least 2.4.4)." + } + ], + "value": "Update the WordPress wpForo Forum plugin to the latest available version (at least 2.4.4)." + } + ], + "credits": [ + { + "lang": "en", + "value": "Revan Arifio (Patchstack Alliance)" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 7.6, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", + "version": "3.1" } ] } diff --git a/2025/3xxx/CVE-2025-3265.json b/2025/3xxx/CVE-2025-3265.json new file mode 100644 index 00000000000..432c24b5fe9 --- /dev/null +++ b/2025/3xxx/CVE-2025-3265.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3265", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3266.json b/2025/3xxx/CVE-2025-3266.json new file mode 100644 index 00000000000..8e7008cb8fa --- /dev/null +++ b/2025/3xxx/CVE-2025-3266.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3266", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3267.json b/2025/3xxx/CVE-2025-3267.json new file mode 100644 index 00000000000..a993525eb66 --- /dev/null +++ b/2025/3xxx/CVE-2025-3267.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3267", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3268.json b/2025/3xxx/CVE-2025-3268.json new file mode 100644 index 00000000000..ea654bf9143 --- /dev/null +++ b/2025/3xxx/CVE-2025-3268.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3268", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3269.json b/2025/3xxx/CVE-2025-3269.json new file mode 100644 index 00000000000..93c2351bba3 --- /dev/null +++ b/2025/3xxx/CVE-2025-3269.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3269", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3270.json b/2025/3xxx/CVE-2025-3270.json new file mode 100644 index 00000000000..a04f720b48b --- /dev/null +++ b/2025/3xxx/CVE-2025-3270.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3270", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3271.json b/2025/3xxx/CVE-2025-3271.json new file mode 100644 index 00000000000..96d1234d1c2 --- /dev/null +++ b/2025/3xxx/CVE-2025-3271.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3271", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3272.json b/2025/3xxx/CVE-2025-3272.json new file mode 100644 index 00000000000..49d5c7b769e --- /dev/null +++ b/2025/3xxx/CVE-2025-3272.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3272", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3273.json b/2025/3xxx/CVE-2025-3273.json new file mode 100644 index 00000000000..9803ba02838 --- /dev/null +++ b/2025/3xxx/CVE-2025-3273.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3273", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3274.json b/2025/3xxx/CVE-2025-3274.json new file mode 100644 index 00000000000..5ad72ba1af4 --- /dev/null +++ b/2025/3xxx/CVE-2025-3274.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3274", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3275.json b/2025/3xxx/CVE-2025-3275.json new file mode 100644 index 00000000000..6ec7e1ef275 --- /dev/null +++ b/2025/3xxx/CVE-2025-3275.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3275", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file