From c091cb1453f993182ab33ae9a91f8e52606aa421 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 18 Apr 2025 15:00:39 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/29xxx/CVE-2024-29643.json | 56 ++++++++++++++-- 2024/56xxx/CVE-2024-56705.json | 24 ++++++- 2025/25xxx/CVE-2025-25952.json | 5 ++ 2025/25xxx/CVE-2025-25953.json | 5 ++ 2025/28xxx/CVE-2025-28228.json | 56 ++++++++++++++-- 2025/28xxx/CVE-2025-28229.json | 56 ++++++++++++++-- 2025/28xxx/CVE-2025-28230.json | 56 ++++++++++++++-- 2025/28xxx/CVE-2025-28232.json | 56 ++++++++++++++-- 2025/29xxx/CVE-2025-29625.json | 61 ++++++++++++++++-- 2025/2xxx/CVE-2025-2950.json | 78 ++++++++++++++++++++-- 2025/37xxx/CVE-2025-37838.json | 71 ++++++++++++++++++-- 2025/3xxx/CVE-2025-3791.json | 114 +++++++++++++++++++++++++++++++-- 2025/3xxx/CVE-2025-3795.json | 18 ++++++ 2025/3xxx/CVE-2025-3796.json | 18 ++++++ 2025/3xxx/CVE-2025-3797.json | 18 ++++++ 2025/3xxx/CVE-2025-3798.json | 18 ++++++ 2025/3xxx/CVE-2025-3799.json | 18 ++++++ 2025/3xxx/CVE-2025-3800.json | 18 ++++++ 2025/3xxx/CVE-2025-3801.json | 18 ++++++ 2025/3xxx/CVE-2025-3802.json | 18 ++++++ 2025/3xxx/CVE-2025-3803.json | 18 ++++++ 2025/3xxx/CVE-2025-3804.json | 18 ++++++ 2025/3xxx/CVE-2025-3805.json | 18 ++++++ 2025/3xxx/CVE-2025-3806.json | 18 ++++++ 2025/3xxx/CVE-2025-3807.json | 18 ++++++ 2025/3xxx/CVE-2025-3808.json | 18 ++++++ 2025/43xxx/CVE-2025-43892.json | 18 ++++++ 2025/43xxx/CVE-2025-43893.json | 18 ++++++ 2025/43xxx/CVE-2025-43894.json | 18 ++++++ 2025/43xxx/CVE-2025-43895.json | 18 ++++++ 2025/43xxx/CVE-2025-43896.json | 18 ++++++ 2025/43xxx/CVE-2025-43897.json | 18 ++++++ 2025/43xxx/CVE-2025-43898.json | 18 ++++++ 2025/43xxx/CVE-2025-43899.json | 18 ++++++ 2025/43xxx/CVE-2025-43900.json | 18 ++++++ 2025/43xxx/CVE-2025-43901.json | 18 ++++++ 36 files changed, 1020 insertions(+), 50 deletions(-) create mode 100644 2025/3xxx/CVE-2025-3795.json create mode 100644 2025/3xxx/CVE-2025-3796.json create mode 100644 2025/3xxx/CVE-2025-3797.json create mode 100644 2025/3xxx/CVE-2025-3798.json create mode 100644 2025/3xxx/CVE-2025-3799.json create mode 100644 2025/3xxx/CVE-2025-3800.json create mode 100644 2025/3xxx/CVE-2025-3801.json create mode 100644 2025/3xxx/CVE-2025-3802.json create mode 100644 2025/3xxx/CVE-2025-3803.json create mode 100644 2025/3xxx/CVE-2025-3804.json create mode 100644 2025/3xxx/CVE-2025-3805.json create mode 100644 2025/3xxx/CVE-2025-3806.json create mode 100644 2025/3xxx/CVE-2025-3807.json create mode 100644 2025/3xxx/CVE-2025-3808.json create mode 100644 2025/43xxx/CVE-2025-43892.json create mode 100644 2025/43xxx/CVE-2025-43893.json create mode 100644 2025/43xxx/CVE-2025-43894.json create mode 100644 2025/43xxx/CVE-2025-43895.json create mode 100644 2025/43xxx/CVE-2025-43896.json create mode 100644 2025/43xxx/CVE-2025-43897.json create mode 100644 2025/43xxx/CVE-2025-43898.json create mode 100644 2025/43xxx/CVE-2025-43899.json create mode 100644 2025/43xxx/CVE-2025-43900.json create mode 100644 2025/43xxx/CVE-2025-43901.json diff --git a/2024/29xxx/CVE-2024-29643.json b/2024/29xxx/CVE-2024-29643.json index f6759fa6d69..81f2cd5ff7d 100644 --- a/2024/29xxx/CVE-2024-29643.json +++ b/2024/29xxx/CVE-2024-29643.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-29643", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-29643", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in croogo v.3.0.2 allows an attacker to perform Host header injection via the feed.rss component." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://medium.com/@christbowel6/cve-2024-29643-host-header-injection-in-croogo-v3-0-2-0aded525f574", + "url": "https://medium.com/@christbowel6/cve-2024-29643-host-header-injection-in-croogo-v3-0-2-0aded525f574" } ] } diff --git a/2024/56xxx/CVE-2024-56705.json b/2024/56xxx/CVE-2024-56705.json index 6ff61d616d3..387ad2c2181 100644 --- a/2024/56xxx/CVE-2024-56705.json +++ b/2024/56xxx/CVE-2024-56705.json @@ -41,6 +41,11 @@ { "version_affected": "<", "version_name": "a49d25364dfb9f8a64037488a39ab1f56c5fa419", + "version_value": "51b8dc5163d2ff2bf04019f8bf7e3bd0e75bb654" + }, + { + "version_affected": "<", + "version_name": "ad85094b293e40e7a2f831b0311a389d952ebd5e", "version_value": "0c24b82bc4d12c6a58ceacbf2598cd4df63abf9a" }, { @@ -51,12 +56,22 @@ "version": "4.12", "status": "affected" }, + { + "version": "5.8", + "status": "affected" + }, { "version": "0", "lessThan": "4.12", "status": "unaffected", "versionType": "semver" }, + { + "version": "4.18", + "lessThan": "5.8", + "status": "unaffected", + "versionType": "semver" + }, { "version": "5.10.231", "lessThanOrEqual": "5.10.*", @@ -94,7 +109,7 @@ "versionType": "semver" }, { - "version": "6.13-rc1", + "version": "6.13", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" @@ -114,6 +129,11 @@ }, "references": { "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/51b8dc5163d2ff2bf04019f8bf7e3bd0e75bb654", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/51b8dc5163d2ff2bf04019f8bf7e3bd0e75bb654" + }, { "url": "https://git.kernel.org/stable/c/0c24b82bc4d12c6a58ceacbf2598cd4df63abf9a", "refsource": "MISC", @@ -152,6 +172,6 @@ ] }, "generator": { - "engine": "bippy-5f407fcff5a0" + "engine": "bippy-1.1.0" } } \ No newline at end of file diff --git a/2025/25xxx/CVE-2025-25952.json b/2025/25xxx/CVE-2025-25952.json index 4b4b8e30da8..b764f7dc787 100644 --- a/2025/25xxx/CVE-2025-25952.json +++ b/2025/25xxx/CVE-2025-25952.json @@ -56,6 +56,11 @@ "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89639", "refsource": "MISC", "name": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89639" + }, + { + "refsource": "MISC", + "name": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25952", + "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25952" } ] } diff --git a/2025/25xxx/CVE-2025-25953.json b/2025/25xxx/CVE-2025-25953.json index 2c293ce835f..bdc385f1e92 100644 --- a/2025/25xxx/CVE-2025-25953.json +++ b/2025/25xxx/CVE-2025-25953.json @@ -56,6 +56,11 @@ "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89640", "refsource": "MISC", "name": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89640" + }, + { + "refsource": "MISC", + "name": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25953", + "url": "https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25953" } ] } diff --git a/2025/28xxx/CVE-2025-28228.json b/2025/28xxx/CVE-2025-28228.json index d0b800a2638..5342cbae413 100644 --- a/2025/28xxx/CVE-2025-28228.json +++ b/2025/28xxx/CVE-2025-28228.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-28228", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-28228", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A credential exposure vulnerability in Electrolink 500W, 1kW, 2kW Medium DAB Transmitter Web v01.09, v01.08, v01.07, and Display v1.4, v1.2 allows unauthorized attackers to access credentials in plaintext." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28228", + "url": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28228" } ] } diff --git a/2025/28xxx/CVE-2025-28229.json b/2025/28xxx/CVE-2025-28229.json index 373757b2696..a58bf2d2189 100644 --- a/2025/28xxx/CVE-2025-28229.json +++ b/2025/28xxx/CVE-2025-28229.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-28229", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-28229", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect access control in Orban OPTIMOD 5950 Firmware v1.0.0.2 and System v2.2.15 allows attackers to bypass authentication and gain Administrator privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28229", + "url": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28229" } ] } diff --git a/2025/28xxx/CVE-2025-28230.json b/2025/28xxx/CVE-2025-28230.json index 71e2761bb51..49c0f3b6196 100644 --- a/2025/28xxx/CVE-2025-28230.json +++ b/2025/28xxx/CVE-2025-28230.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-28230", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-28230", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect access control in JMBroadcast JMB0150 Firmware v1.0 allows attackers to access hardcoded administrator credentials." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28230", + "url": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28230" } ] } diff --git a/2025/28xxx/CVE-2025-28232.json b/2025/28xxx/CVE-2025-28232.json index d0340088b60..7f5ff4fed49 100644 --- a/2025/28xxx/CVE-2025-28232.json +++ b/2025/28xxx/CVE-2025-28232.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-28232", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-28232", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect access control in the HOME.php endpoint of JMBroadcast JMB0150 Firmware v1.0 allows attackers to access the Admin panel without authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28232", + "url": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-28232" } ] } diff --git a/2025/29xxx/CVE-2025-29625.json b/2025/29xxx/CVE-2025-29625.json index a9912bf4ddf..c5253862dcf 100644 --- a/2025/29xxx/CVE-2025-29625.json +++ b/2025/29xxx/CVE-2025-29625.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-29625", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-29625", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow vulnerability in Astrolog v7.70 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via an overly long environment variable passed to FileOpen function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://github.com/CruiserOne/Astrolog/issues/25", + "url": "https://github.com/CruiserOne/Astrolog/issues/25" + }, + { + "refsource": "MISC", + "name": "https://blog.reodus.com/posts/cve-2025-29625/", + "url": "https://blog.reodus.com/posts/cve-2025-29625/" } ] } diff --git a/2025/2xxx/CVE-2025-2950.json b/2025/2xxx/CVE-2025-2950.json index 7b9fa8c80eb..155c3364027 100644 --- a/2025/2xxx/CVE-2025-2950.json +++ b/2025/2xxx/CVE-2025-2950.json @@ -1,17 +1,87 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-2950", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "IBM i 7.3, 7.4, 7.5, and 7.5 is vulnerable to a host header injection attack caused by improper neutralization of HTTP header content by IBM Navigator for i. An authenticated user can manipulate the host header in HTTP requests to change domain/IP address which may lead to unexpected behavior." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax", + "cweId": "CWE-644" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "i", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "7.3, 7.4, 7.5, 7.6" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/7231320", + "refsource": "MISC", + "name": "https://www.ibm.com/support/pages/node/7231320" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2025/37xxx/CVE-2025-37838.json b/2025/37xxx/CVE-2025-37838.json index 46d1eecad4e..2ddb47c770a 100644 --- a/2025/37xxx/CVE-2025-37838.json +++ b/2025/37xxx/CVE-2025-37838.json @@ -1,18 +1,81 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-37838", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@kernel.org", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nHSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition\n\nIn the ssi_protocol_probe() function, &ssi->work is bound with\nssip_xmit_work(), In ssip_pn_setup(), the ssip_pn_xmit() function\nwithin the ssip_pn_ops structure is capable of starting the\nwork.\n\nIf we remove the module which will call ssi_protocol_remove()\nto make a cleanup, it will free ssi through kfree(ssi),\nwhile the work mentioned above will be used. The sequence\nof operations that may lead to a UAF bug is as follows:\n\nCPU0 CPU1\n\n | ssip_xmit_work\nssi_protocol_remove |\nkfree(ssi); |\n | struct hsi_client *cl = ssi->cl;\n | // use ssi\n\nFix it by ensuring that the work is canceled before proceeding\nwith the cleanup in ssi_protocol_remove()." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Linux", + "product": { + "product_data": [ + { + "product_name": "Linux", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "version_value": "e3f88665a78045fe35c7669d2926b8d97b892c11" + }, + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "version": "6.15-rc1", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ], + "defaultStatus": "affected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://git.kernel.org/stable/c/e3f88665a78045fe35c7669d2926b8d97b892c11", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/e3f88665a78045fe35c7669d2926b8d97b892c11" + } + ] + }, + "generator": { + "engine": "bippy-1.1.0" } } \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3791.json b/2025/3xxx/CVE-2025-3791.json index 6f6307435d4..351f59e9add 100644 --- a/2025/3xxx/CVE-2025-3791.json +++ b/2025/3xxx/CVE-2025-3791.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-3791", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as critical was found in symisc UnQLite up to 957c377cb691a4f617db9aba5cc46d90425071e2. This vulnerability affects the function jx9MemObjStore of the file /data/src/benchmarks/unqlite/unqlite.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available." + }, + { + "lang": "deu", + "value": "In symisc UnQLite bis 957c377cb691a4f617db9aba5cc46d90425071e2 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Hierbei betrifft es die Funktion jx9MemObjStore der Datei /data/src/benchmarks/unqlite/unqlite.c. Dank Manipulation mit unbekannten Daten kann eine heap-based buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Dieses Produkt verzichtet auf eine Versionierung und verwendet stattdessen Rolling Releases. Deshalb sind keine Details zu betroffenen oder zu aktualisierende Versionen vorhanden." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Heap-based Buffer Overflow", + "cweId": "CWE-122" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Memory Corruption", + "cweId": "CWE-119" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "symisc", + "product": { + "product_data": [ + { + "product_name": "UnQLite", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "957c377cb691a4f617db9aba5cc46d90425071e2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.305614", + "refsource": "MISC", + "name": "https://vuldb.com/?id.305614" + }, + { + "url": "https://vuldb.com/?ctiid.305614", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.305614" + }, + { + "url": "https://vuldb.com/?submit.554574", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.554574" + }, + { + "url": "https://github.com/symisc/unqlite/issues/173", + "refsource": "MISC", + "name": "https://github.com/symisc/unqlite/issues/173" + }, + { + "url": "https://github.com/user-attachments/files/19652580/unqlite-reproduce-heap-overflow.zip", + "refsource": "MISC", + "name": "https://github.com/user-attachments/files/19652580/unqlite-reproduce-heap-overflow.zip" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Haoxin Tu (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 5.3, + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 5.3, + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 4.3, + "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2025/3xxx/CVE-2025-3795.json b/2025/3xxx/CVE-2025-3795.json new file mode 100644 index 00000000000..2914f833d63 --- /dev/null +++ b/2025/3xxx/CVE-2025-3795.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3795", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3796.json b/2025/3xxx/CVE-2025-3796.json new file mode 100644 index 00000000000..0214c7bc71a --- /dev/null +++ b/2025/3xxx/CVE-2025-3796.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3796", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3797.json b/2025/3xxx/CVE-2025-3797.json new file mode 100644 index 00000000000..b48492f0fc8 --- /dev/null +++ b/2025/3xxx/CVE-2025-3797.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3797", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3798.json b/2025/3xxx/CVE-2025-3798.json new file mode 100644 index 00000000000..bfcffc07f2e --- /dev/null +++ b/2025/3xxx/CVE-2025-3798.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3798", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3799.json b/2025/3xxx/CVE-2025-3799.json new file mode 100644 index 00000000000..fa76e176614 --- /dev/null +++ b/2025/3xxx/CVE-2025-3799.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3799", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3800.json b/2025/3xxx/CVE-2025-3800.json new file mode 100644 index 00000000000..fa7b91e60b3 --- /dev/null +++ b/2025/3xxx/CVE-2025-3800.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3800", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3801.json b/2025/3xxx/CVE-2025-3801.json new file mode 100644 index 00000000000..408574a7502 --- /dev/null +++ b/2025/3xxx/CVE-2025-3801.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3801", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3802.json b/2025/3xxx/CVE-2025-3802.json new file mode 100644 index 00000000000..dcb6c117ac9 --- /dev/null +++ b/2025/3xxx/CVE-2025-3802.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3802", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3803.json b/2025/3xxx/CVE-2025-3803.json new file mode 100644 index 00000000000..e88ac2a0174 --- /dev/null +++ b/2025/3xxx/CVE-2025-3803.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3803", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3804.json b/2025/3xxx/CVE-2025-3804.json new file mode 100644 index 00000000000..b9df4392804 --- /dev/null +++ b/2025/3xxx/CVE-2025-3804.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3804", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3805.json b/2025/3xxx/CVE-2025-3805.json new file mode 100644 index 00000000000..ebc8ed40ae6 --- /dev/null +++ b/2025/3xxx/CVE-2025-3805.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3805", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3806.json b/2025/3xxx/CVE-2025-3806.json new file mode 100644 index 00000000000..b13cd5b6341 --- /dev/null +++ b/2025/3xxx/CVE-2025-3806.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3806", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3807.json b/2025/3xxx/CVE-2025-3807.json new file mode 100644 index 00000000000..3a3bb1eae55 --- /dev/null +++ b/2025/3xxx/CVE-2025-3807.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3807", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3808.json b/2025/3xxx/CVE-2025-3808.json new file mode 100644 index 00000000000..faf6cc6afa6 --- /dev/null +++ b/2025/3xxx/CVE-2025-3808.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3808", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/43xxx/CVE-2025-43892.json b/2025/43xxx/CVE-2025-43892.json new file mode 100644 index 00000000000..bf35c799c00 --- /dev/null +++ b/2025/43xxx/CVE-2025-43892.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-43892", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/43xxx/CVE-2025-43893.json b/2025/43xxx/CVE-2025-43893.json new file mode 100644 index 00000000000..daae42675fd --- /dev/null +++ b/2025/43xxx/CVE-2025-43893.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-43893", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/43xxx/CVE-2025-43894.json b/2025/43xxx/CVE-2025-43894.json new file mode 100644 index 00000000000..673c370f049 --- /dev/null +++ b/2025/43xxx/CVE-2025-43894.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-43894", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/43xxx/CVE-2025-43895.json b/2025/43xxx/CVE-2025-43895.json new file mode 100644 index 00000000000..f3c0d8172a9 --- /dev/null +++ b/2025/43xxx/CVE-2025-43895.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-43895", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/43xxx/CVE-2025-43896.json b/2025/43xxx/CVE-2025-43896.json new file mode 100644 index 00000000000..63d3c6b710e --- /dev/null +++ b/2025/43xxx/CVE-2025-43896.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-43896", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/43xxx/CVE-2025-43897.json b/2025/43xxx/CVE-2025-43897.json new file mode 100644 index 00000000000..ba31b691ac0 --- /dev/null +++ b/2025/43xxx/CVE-2025-43897.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-43897", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/43xxx/CVE-2025-43898.json b/2025/43xxx/CVE-2025-43898.json new file mode 100644 index 00000000000..23c85c9537c --- /dev/null +++ b/2025/43xxx/CVE-2025-43898.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-43898", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/43xxx/CVE-2025-43899.json b/2025/43xxx/CVE-2025-43899.json new file mode 100644 index 00000000000..696a1a6081c --- /dev/null +++ b/2025/43xxx/CVE-2025-43899.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-43899", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/43xxx/CVE-2025-43900.json b/2025/43xxx/CVE-2025-43900.json new file mode 100644 index 00000000000..4ceabb41a3e --- /dev/null +++ b/2025/43xxx/CVE-2025-43900.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-43900", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/43xxx/CVE-2025-43901.json b/2025/43xxx/CVE-2025-43901.json new file mode 100644 index 00000000000..488d267017c --- /dev/null +++ b/2025/43xxx/CVE-2025-43901.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-43901", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file