diff --git a/2020/36xxx/CVE-2020-36846.json b/2020/36xxx/CVE-2020-36846.json
new file mode 100644
index 00000000000..9ea2b1088ca
--- /dev/null
+++ b/2020/36xxx/CVE-2020-36846.json
@@ -0,0 +1,18 @@
+{
+ "data_type": "CVE",
+ "data_format": "MITRE",
+ "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2020-36846",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "RESERVED"
+ },
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/2025/25xxx/CVE-2025-25025.json b/2025/25xxx/CVE-2025-25025.json
index 7621ddc7464..322360fbe82 100644
--- a/2025/25xxx/CVE-2025-25025.json
+++ b/2025/25xxx/CVE-2025-25025.json
@@ -1,17 +1,100 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25025",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@us.ibm.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "IBM Security Guardium 12.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-209 Generation of Error Message Containing Sensitive Information",
+ "cweId": "CWE-209"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "IBM",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Security Guardium",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "12.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.ibm.com/support/pages/node/7234827",
+ "refsource": "MISC",
+ "name": "https://www.ibm.com/support/pages/node/7234827"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "IBM encourages customers to update their systems promptly.
IBM Guardium Data Protection 12.0 https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Informat...
"
+ }
+ ],
+ "value": "IBM encourages customers to update their systems promptly.\n\nIBM Guardium Data Protection 12.0 https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Informat... https://www.ibm.com/support/fixcentral/swg/quickorder"
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 4.3,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2025/25xxx/CVE-2025-25026.json b/2025/25xxx/CVE-2025-25026.json
index f61698ff70f..21293c82b79 100644
--- a/2025/25xxx/CVE-2025-25026.json
+++ b/2025/25xxx/CVE-2025-25026.json
@@ -1,17 +1,100 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25026",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@us.ibm.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "IBM Security Guardium 12.0 could allow an authenticated user to obtain sensitive information due to an incorrect authentication check."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-863 Incorrect Authorization",
+ "cweId": "CWE-863"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "IBM",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Security Guardium",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "12.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.ibm.com/support/pages/node/7234827",
+ "refsource": "MISC",
+ "name": "https://www.ibm.com/support/pages/node/7234827"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "IBM encourages customers to update their systems promptly.
IBM Guardium Data Protection 12.0 https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Informat...
"
+ }
+ ],
+ "value": "IBM encourages customers to update their systems promptly.\n\nIBM Guardium Data Protection 12.0 https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Informat... https://www.ibm.com/support/fixcentral/swg/quickorder"
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 4.3,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
+ "version": "3.1"
}
]
}
diff --git a/2025/25xxx/CVE-2025-25029.json b/2025/25xxx/CVE-2025-25029.json
index 5443e0d7dc8..b7c70664ced 100644
--- a/2025/25xxx/CVE-2025-25029.json
+++ b/2025/25xxx/CVE-2025-25029.json
@@ -1,17 +1,100 @@
{
+ "data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
- "data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25029",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@us.ibm.com",
+ "STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "IBM Security Guardium 12.0 could allow a privileged user to download any file on the system due to improper escaping of input."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-116 Improper Encoding or Escaping of Output",
+ "cweId": "CWE-116"
+ }
+ ]
+ }
+ ]
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "IBM",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Security Guardium",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "12.0"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "references": {
+ "reference_data": [
+ {
+ "url": "https://www.ibm.com/support/pages/node/7234827",
+ "refsource": "MISC",
+ "name": "https://www.ibm.com/support/pages/node/7234827"
+ }
+ ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.2.0"
+ },
+ "source": {
+ "discovery": "UNKNOWN"
+ },
+ "solution": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "IBM encourages customers to update their systems promptly.
IBM Guardium Data Protection 12.0 https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Informat...
"
+ }
+ ],
+ "value": "IBM encourages customers to update their systems promptly.\n\nIBM Guardium Data Protection 12.0 https://www.ibm.com/support/fixcentral/swg/quickorder?parent=IBM%20Security&product=ibm/Informat... https://www.ibm.com/support/fixcentral/swg/quickorder"
+ }
+ ],
+ "impact": {
+ "cvss": [
+ {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 4.9,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "HIGH",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
+ "version": "3.1"
}
]
}