From c30ce797a152cb79d845b4d8946a69f628a93e6c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 30 Apr 2025 19:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/2xxx/CVE-2024-2777.json | 38 +++++++++++- 2024/47xxx/CVE-2024-47784.json | 79 ++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9876.json | 103 +++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9877.json | 103 +++++++++++++++++++++++++++++-- 2025/24xxx/CVE-2025-24887.json | 85 ++++++++++++++++++++++++-- 2025/2xxx/CVE-2025-2170.json | 61 +++++++++++++++++-- 2025/32xxx/CVE-2025-32777.json | 99 ++++++++++++++++++++++++++++-- 2025/46xxx/CVE-2025-46331.json | 63 +++++++++++++++++-- 2025/46xxx/CVE-2025-46554.json | 108 +++++++++++++++++++++++++++++++-- 2025/46xxx/CVE-2025-46557.json | 76 +++++++++++++++++++++-- 2025/46xxx/CVE-2025-46558.json | 86 ++++++++++++++++++++++++-- 2025/4xxx/CVE-2025-4145.json | 18 ++++++ 2025/4xxx/CVE-2025-4146.json | 18 ++++++ 2025/4xxx/CVE-2025-4147.json | 18 ++++++ 2025/4xxx/CVE-2025-4148.json | 18 ++++++ 2025/4xxx/CVE-2025-4149.json | 18 ++++++ 2025/4xxx/CVE-2025-4150.json | 18 ++++++ 2025/4xxx/CVE-2025-4151.json | 18 ++++++ 2025/4xxx/CVE-2025-4152.json | 18 ++++++ 2025/4xxx/CVE-2025-4153.json | 18 ++++++ 2025/4xxx/CVE-2025-4154.json | 18 ++++++ 2025/4xxx/CVE-2025-4155.json | 18 ++++++ 2025/4xxx/CVE-2025-4156.json | 18 ++++++ 2025/4xxx/CVE-2025-4157.json | 18 ++++++ 2025/4xxx/CVE-2025-4158.json | 18 ++++++ 2025/4xxx/CVE-2025-4159.json | 18 ++++++ 2025/4xxx/CVE-2025-4160.json | 18 ++++++ 2025/4xxx/CVE-2025-4161.json | 18 ++++++ 2025/4xxx/CVE-2025-4162.json | 18 ++++++ 2025/4xxx/CVE-2025-4163.json | 18 ++++++ 2025/4xxx/CVE-2025-4164.json | 18 ++++++ 2025/4xxx/CVE-2025-4165.json | 18 ++++++ 32 files changed, 1236 insertions(+), 43 deletions(-) create mode 100644 2025/4xxx/CVE-2025-4145.json create mode 100644 2025/4xxx/CVE-2025-4146.json create mode 100644 2025/4xxx/CVE-2025-4147.json create mode 100644 2025/4xxx/CVE-2025-4148.json create mode 100644 2025/4xxx/CVE-2025-4149.json create mode 100644 2025/4xxx/CVE-2025-4150.json create mode 100644 2025/4xxx/CVE-2025-4151.json create mode 100644 2025/4xxx/CVE-2025-4152.json create mode 100644 2025/4xxx/CVE-2025-4153.json create mode 100644 2025/4xxx/CVE-2025-4154.json create mode 100644 2025/4xxx/CVE-2025-4155.json create mode 100644 2025/4xxx/CVE-2025-4156.json create mode 100644 2025/4xxx/CVE-2025-4157.json create mode 100644 2025/4xxx/CVE-2025-4158.json create mode 100644 2025/4xxx/CVE-2025-4159.json create mode 100644 2025/4xxx/CVE-2025-4160.json create mode 100644 2025/4xxx/CVE-2025-4161.json create mode 100644 2025/4xxx/CVE-2025-4162.json create mode 100644 2025/4xxx/CVE-2025-4163.json create mode 100644 2025/4xxx/CVE-2025-4164.json create mode 100644 2025/4xxx/CVE-2025-4165.json diff --git a/2024/2xxx/CVE-2024-2777.json b/2024/2xxx/CVE-2024-2777.json index 3dd4f2f7e78..ab23e0e5c78 100644 --- a/2024/2xxx/CVE-2024-2777.json +++ b/2024/2xxx/CVE-2024-2777.json @@ -11,11 +11,11 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been found in Campcodes Online Marriage Registration System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/application-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257611." + "value": "A vulnerability has been found in Campcodes/PHPGurukul Online Marriage Registration System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/application-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." }, { "lang": "deu", - "value": "In Campcodes Online Marriage Registration System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei /admin/application-bwdates-reports-details.php. Mit der Manipulation des Arguments fromdate mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + "value": "In Campcodes/PHPGurukul Online Marriage Registration System 1.0 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei /admin/application-bwdates-reports-details.php. Mit der Manipulation des Arguments fromdate mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, @@ -25,10 +25,19 @@ "description": [ { "lang": "eng", - "value": "CWE-89 SQL Injection", + "value": "SQL Injection", "cweId": "CWE-89" } ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Injection", + "cweId": "CWE-74" + } + ] } ] }, @@ -52,6 +61,24 @@ } ] } + }, + { + "vendor_name": "PHPGurukul", + "product": { + "product_data": [ + { + "product_name": "Online Marriage Registration System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } } ] } @@ -68,6 +95,11 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.257611" }, + { + "url": "https://vuldb.com/?submit.302430", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.302430" + }, { "url": "https://github.com/E1CHO/cve_hub/blob/main/Complete%20Online%20Marriage%20Registration%20System/Complete%20Online%20Marriage%20Registration%20System%20-%20vuln%202.pdf", "refsource": "MISC", diff --git a/2024/47xxx/CVE-2024-47784.json b/2024/47xxx/CVE-2024-47784.json index 6d7ac21c5e8..c7a57f01fbd 100644 --- a/2024/47xxx/CVE-2024-47784.json +++ b/2024/47xxx/CVE-2024-47784.json @@ -1,17 +1,88 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-47784", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cybersecurity@ch.abb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unverified Password Change for ANC software that allows an authenticated attacker to bypass the old Password check in the password change form via a web HMI\nThis issue affects ANC software version 1.1.4 and earlier." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-620: Unverified Password Change", + "cweId": "CWE-620" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ABB", + "product": { + "product_data": [ + { + "product_name": "ANC", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "1.1.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://search.abb.com/library/Download.aspx?DocumentID=2CRT000006&LanguageCode=en&DocumentPartId=PDF&Action=Launch", + "refsource": "MISC", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=2CRT000006&LanguageCode=en&DocumentPartId=PDF&Action=Launch" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "NONE", + "baseScore": 2.6, + "baseSeverity": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/9xxx/CVE-2024-9876.json b/2024/9xxx/CVE-2024-9876.json index ea320690b40..720cbcff928 100644 --- a/2024/9xxx/CVE-2024-9876.json +++ b/2024/9xxx/CVE-2024-9876.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9876", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cybersecurity@ch.abb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": ": Modification of Assumed-Immutable Data (MAID) vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-471: Modification of Assumed-Immutable Data (MAID)", + "cweId": "CWE-471" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ABB", + "product": { + "product_data": [ + { + "product_name": "ANC", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "1.1.4" + } + ] + } + }, + { + "product_name": "ANC-L", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "1.1.4" + } + ] + } + }, + { + "product_name": "ANC-mini", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "1.1.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://search.abb.com/library/Download.aspx?DocumentID=2CRT000006&LanguageCode=en&DocumentPartId=PDF&Action=Launch", + "refsource": "MISC", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=2CRT000006&LanguageCode=en&DocumentPartId=PDF&Action=Launch" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1" } ] } diff --git a/2024/9xxx/CVE-2024-9877.json b/2024/9xxx/CVE-2024-9877.json index df636dee311..1eb25f148e4 100644 --- a/2024/9xxx/CVE-2024-9877.json +++ b/2024/9xxx/CVE-2024-9877.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9877", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cybersecurity@ch.abb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": ": Use of GET Request Method With Sensitive Query Strings vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-598: Use of GET Request Method With Sensitive Query Strings", + "cweId": "CWE-598" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ABB", + "product": { + "product_data": [ + { + "product_name": "ANC", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "1.1.4" + } + ] + } + }, + { + "product_name": "ANC-L", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "1.1.4" + } + ] + } + }, + { + "product_name": "ANC-mini", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "0", + "version_value": "1.1.4" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://search.abb.com/library/Download.aspx?DocumentID=2CRT000006&LanguageCode=en&DocumentPartId=PDF&Action=Launch", + "refsource": "MISC", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=2CRT000006&LanguageCode=en&DocumentPartId=PDF&Action=Launch" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "NONE", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2025/24xxx/CVE-2025-24887.json b/2025/24xxx/CVE-2025-24887.json index 0e6e41ddad5..5e9a372c9bd 100644 --- a/2025/24xxx/CVE-2025-24887.json +++ b/2025/24xxx/CVE-2025-24887.json @@ -1,17 +1,94 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-24887", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OpenCTI is an open-source cyber threat intelligence platform. In versions starting from 6.4.8 to before 6.4.10, the allow/deny lists can be bypassed, allowing a user to change attributes that are intended to be unmodifiable by the user. It is possible to toggle the `external` flag on/off and change the own token value for a user. It is also possible to edit attributes that are not in the allow list, such as `otp_qr` and `otp_activated`. If external users exist in the OpenCTI setup and the information about these users identities is sensitive, the above vulnerabilities can be used to enumerate existing user accounts as a standard low privileged user. This issue has been patched in version 6.4.10." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284: Improper Access Control", + "cweId": "CWE-284" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-657: Violation of Secure Design Principles", + "cweId": "CWE-657" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "OpenCTI-Platform", + "product": { + "product_data": [ + { + "product_name": "opencti", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 6.4.8, < 6.4.10" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-8262-pw2q-5qc3", + "refsource": "MISC", + "name": "https://github.com/OpenCTI-Platform/opencti/security/advisories/GHSA-8262-pw2q-5qc3" + } + ] + }, + "source": { + "advisory": "GHSA-8262-pw2q-5qc3", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "version": "3.1" } ] } diff --git a/2025/2xxx/CVE-2025-2170.json b/2025/2xxx/CVE-2025-2170.json index 3375324ba61..b639f104f63 100644 --- a/2025/2xxx/CVE-2025-2170.json +++ b/2025/2xxx/CVE-2025-2170.json @@ -1,18 +1,71 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-2170", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "PSIRT@sonicwall.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface, which in specific conditions could potentially enable a remote unauthenticated attacker to cause the appliance to make requests to an unintended location." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-918 Server-Side Request Forgery (SSRF)", + "cweId": "CWE-918" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SonicWall", + "product": { + "product_data": [ + { + "product_name": "SMA1000", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "12.4.3-02907 (platform-hotfix) and earlier versions" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "http://10.210.34.9/vuln-detail/SNWLID-2025-0008", + "refsource": "MISC", + "name": "http://10.210.34.9/vuln-detail/SNWLID-2025-0008" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "advisory": "SNWLID-2025-0008", + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2025/32xxx/CVE-2025-32777.json b/2025/32xxx/CVE-2025-32777.json index 3a8ab277ed7..7271bcc063b 100644 --- a/2025/32xxx/CVE-2025-32777.json +++ b/2025/32xxx/CVE-2025-32777.json @@ -1,18 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-32777", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Volcano is a Kubernetes-native batch scheduling system. Prior to versions 1.11.2, 1.10.2, 1.9.1, 1.11.0-network-topology-preview.3, and 1.12.0-alpha.2, attacker compromise of either the Elastic service or the extender plugin can cause denial of service of the scheduler. This is a privilege escalation, because Volcano users may run their Elastic service and extender plugins in separate pods or nodes from the scheduler. In the Kubernetes security model, node isolation is a security boundary, and as such an attacker is able to cross that boundary in Volcano's case if they have compromised either the vulnerable services or the pod/node in which they are deployed. The scheduler will become unavailable to other users and workloads in the cluster. The scheduler will either crash with an unrecoverable OOM panic or freeze while consuming excessive amounts of memory. This issue has been patched in versions 1.11.2, 1.10.2, 1.9.1, 1.11.0-network-topology-preview.3, and 1.12.0-alpha.2." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-770: Allocation of Resources Without Limits or Throttling", + "cweId": "CWE-770" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "volcano-sh", + "product": { + "product_data": [ + { + "product_name": "volcano", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 1.11.0, < 1.11.2" + }, + { + "version_affected": "=", + "version_value": ">= 1.10.0-alpha.0, < 1.10.2" + }, + { + "version_affected": "=", + "version_value": "< 1.9.1" + }, + { + "version_affected": "=", + "version_value": ">= 1.11.0-network-topology-preview.0, < 1.11.0-network-topology-preview.3" + }, + { + "version_affected": "=", + "version_value": ">= 1.12.0-alpha.0, < 1.12.0-alpha.2" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/volcano-sh/volcano/security/advisories/GHSA-hg79-fw4p-25p8", + "refsource": "MISC", + "name": "https://github.com/volcano-sh/volcano/security/advisories/GHSA-hg79-fw4p-25p8" + }, + { + "url": "https://github.com/volcano-sh/volcano/releases/tag/v1.10.2", + "refsource": "MISC", + "name": "https://github.com/volcano-sh/volcano/releases/tag/v1.10.2" + }, + { + "url": "https://github.com/volcano-sh/volcano/releases/tag/v1.11.0-network-topology-preview.3", + "refsource": "MISC", + "name": "https://github.com/volcano-sh/volcano/releases/tag/v1.11.0-network-topology-preview.3" + }, + { + "url": "https://github.com/volcano-sh/volcano/releases/tag/v1.11.2", + "refsource": "MISC", + "name": "https://github.com/volcano-sh/volcano/releases/tag/v1.11.2" + }, + { + "url": "https://github.com/volcano-sh/volcano/releases/tag/v1.12.0-alpha.2", + "refsource": "MISC", + "name": "https://github.com/volcano-sh/volcano/releases/tag/v1.12.0-alpha.2" + }, + { + "url": "https://github.com/volcano-sh/volcano/releases/tag/v1.9.1", + "refsource": "MISC", + "name": "https://github.com/volcano-sh/volcano/releases/tag/v1.9.1" + } + ] + }, + "source": { + "advisory": "GHSA-hg79-fw4p-25p8", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2025/46xxx/CVE-2025-46331.json b/2025/46xxx/CVE-2025-46331.json index 6686cd45ef0..6b6b4597550 100644 --- a/2025/46xxx/CVE-2025-46331.json +++ b/2025/46xxx/CVE-2025-46331.json @@ -1,18 +1,73 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-46331", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.10 to v1.3.6 (Helm chart <= openfga-0.2.28, docker <= v.1.8.10) are vulnerable to authorization bypass when certain Check and ListObject calls are executed. This issue has been patched in version 1.8.11." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284: Improper Access Control", + "cweId": "CWE-284" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "openfga", + "product": { + "product_data": [ + { + "product_name": "openfga", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">=1.3.6, <1.8.11" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/openfga/openfga/security/advisories/GHSA-w222-m46c-mgh6", + "refsource": "MISC", + "name": "https://github.com/openfga/openfga/security/advisories/GHSA-w222-m46c-mgh6" + }, + { + "url": "https://github.com/openfga/openfga/commit/244302e7a8b979d66cc1874a3899cdff7d47862f", + "refsource": "MISC", + "name": "https://github.com/openfga/openfga/commit/244302e7a8b979d66cc1874a3899cdff7d47862f" + } + ] + }, + "source": { + "advisory": "GHSA-w222-m46c-mgh6", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2025/46xxx/CVE-2025-46554.json b/2025/46xxx/CVE-2025-46554.json index add1c5c3b06..272c7b79c8a 100644 --- a/2025/46xxx/CVE-2025-46554.json +++ b/2025/46xxx/CVE-2025-46554.json @@ -1,17 +1,117 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-46554", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "XWiki is a generic wiki platform. In versions starting from 1.8.1 to before 14.10.22, from 15.0-rc-1 to before 15.10.12, from 16.0.0-rc-1 to before 16.4.3, and from 16.5.0-rc-1 to before 16.7.0, anyone can access the metadata of any attachment in the wiki using the wiki attachment REST endpoint. There is no filtering for the results depending on current user rights, meaning an unauthenticated user could exploit this even in a private wiki. This issue has been patched in versions 14.10.22, 15.10.12, 16.4.3, and 16.7.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862: Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xwiki", + "product": { + "product_data": [ + { + "product_name": "xwiki-platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 1.8.1, < 14.10.22" + }, + { + "version_affected": "=", + "version_value": ">= 15.0-rc-1, < 15.10.12" + }, + { + "version_affected": "=", + "version_value": ">= 16.0.0-rc-1, < 16.4.3" + }, + { + "version_affected": "=", + "version_value": ">= 16.5.0-rc-1, < 16.7.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-r5cr-xm48-97xp", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-r5cr-xm48-97xp" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/37ecea84fdd053c33733c2ae9a0778bf98eae608", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/37ecea84fdd053c33733c2ae9a0778bf98eae608" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/a43e933ddeda17dad1772396e1757998260e9342", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/a43e933ddeda17dad1772396e1757998260e9342" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/c02ce7843a39851865b9d7b6132e32fdd21e3856", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/c02ce7843a39851865b9d7b6132e32fdd21e3856" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-22424", + "refsource": "MISC", + "name": "https://jira.xwiki.org/browse/XWIKI-22424" + } + ] + }, + "source": { + "advisory": "GHSA-r5cr-xm48-97xp", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2025/46xxx/CVE-2025-46557.json b/2025/46xxx/CVE-2025-46557.json index f6462f248bb..3c7bfc60e0c 100644 --- a/2025/46xxx/CVE-2025-46557.json +++ b/2025/46xxx/CVE-2025-46557.json @@ -1,18 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-46557", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "XWiki is a generic wiki platform. In versions starting from 15.3-rc-1 to before 15.10.14, from 16.0.0-rc-1 to before 16.4.6, and from 16.5.0-rc-1 to before 16.10.0-rc-1, a user who can access pages located in the XWiki space (by default, anyone) can access the page XWiki.Authentication.Administration and (unless an authenticator is set in xwiki.cfg) switch to another installed authenticator. Note that, by default, there is only one authenticator available (Standard XWiki Authenticator). So, if no authenticator extension was installed, it's not really possible to do anything for an attacker. Also, in most cases, if an SSO authenticator is installed and utilized (like OIDC or LDAP for example), the worst an attacker can do is break authentication by switching back to the standard authenticator (that's because it's impossible to login to a user which does not have a stored password, and that's usually what SSO authenticator produce). This issue has been patched in versions 15.10.14, 16.4.6, and 16.10.0-rc-1." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-862: Missing Authorization", + "cweId": "CWE-862" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xwiki", + "product": { + "product_data": [ + { + "product_name": "xwiki-platform", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 15.3-rc-1, < 15.10.14" + }, + { + "version_affected": "=", + "version_value": ">= 16.0.0-rc-1, < 16.4.6" + }, + { + "version_affected": "=", + "version_value": ">= 16.5.0-rc-1, < 16.10.0-rc-1" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-f9c6-2f9p-82jj", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-f9c6-2f9p-82jj" + }, + { + "url": "https://github.com/xwiki/xwiki-platform/commit/5efc31cea1501c9a5cb593566fea8b558ff32a2a", + "refsource": "MISC", + "name": "https://github.com/xwiki/xwiki-platform/commit/5efc31cea1501c9a5cb593566fea8b558ff32a2a" + }, + { + "url": "https://jira.xwiki.org/browse/XWIKI-22604", + "refsource": "MISC", + "name": "https://jira.xwiki.org/browse/XWIKI-22604" + } + ] + }, + "source": { + "advisory": "GHSA-f9c6-2f9p-82jj", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2025/46xxx/CVE-2025-46558.json b/2025/46xxx/CVE-2025-46558.json index 157eb284e10..a502125ffa2 100644 --- a/2025/46xxx/CVE-2025-46558.json +++ b/2025/46xxx/CVE-2025-46558.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-46558", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "XWiki Contrib's Syntax Markdown allows importing Markdown content into wiki pages and creating wiki content in Markdown. In versions starting from 8.2 to before 8.9, the Markdown syntax is vulnerable to cross-site scripting (XSS) through HTML. In particular, using Markdown syntax, it's possible for any user to embed Javascript code that will then be executed on the browser of any other user visiting either the document or the comment that contains it. In the instance that this code is executed by a user with admins or programming rights, this issue compromises the confidentiality, integrity and availability of the whole XWiki installation. This issue has been patched in version 8.9." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "xwiki-contrib", + "product": { + "product_data": [ + { + "product_name": "syntax-markdown", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 8.2, < 8.9" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/xwiki-contrib/syntax-markdown/security/advisories/GHSA-8g2j-rhfh-hq3r", + "refsource": "MISC", + "name": "https://github.com/xwiki-contrib/syntax-markdown/security/advisories/GHSA-8g2j-rhfh-hq3r" + }, + { + "url": "https://github.com/xwiki-contrib/syntax-markdown/commit/d136472d6e8a47981a0ede420a9096f88ffa5035", + "refsource": "MISC", + "name": "https://github.com/xwiki-contrib/syntax-markdown/commit/d136472d6e8a47981a0ede420a9096f88ffa5035" + }, + { + "url": "https://jira.xwiki.org/browse/MARKDOWN-80", + "refsource": "MISC", + "name": "https://jira.xwiki.org/browse/MARKDOWN-80" + } + ] + }, + "source": { + "advisory": "GHSA-8g2j-rhfh-hq3r", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2025/4xxx/CVE-2025-4145.json b/2025/4xxx/CVE-2025-4145.json new file mode 100644 index 00000000000..504a4f4bb3b --- /dev/null +++ b/2025/4xxx/CVE-2025-4145.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4145", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4146.json b/2025/4xxx/CVE-2025-4146.json new file mode 100644 index 00000000000..ea56b56a828 --- /dev/null +++ b/2025/4xxx/CVE-2025-4146.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4146", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4147.json b/2025/4xxx/CVE-2025-4147.json new file mode 100644 index 00000000000..2ad8b0ec9bb --- /dev/null +++ b/2025/4xxx/CVE-2025-4147.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4147", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4148.json b/2025/4xxx/CVE-2025-4148.json new file mode 100644 index 00000000000..95ce2f8d6da --- /dev/null +++ b/2025/4xxx/CVE-2025-4148.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4148", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4149.json b/2025/4xxx/CVE-2025-4149.json new file mode 100644 index 00000000000..0169f52e429 --- /dev/null +++ b/2025/4xxx/CVE-2025-4149.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4149", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4150.json b/2025/4xxx/CVE-2025-4150.json new file mode 100644 index 00000000000..52c1ea133a4 --- /dev/null +++ b/2025/4xxx/CVE-2025-4150.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4150", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4151.json b/2025/4xxx/CVE-2025-4151.json new file mode 100644 index 00000000000..90c07ebbddd --- /dev/null +++ b/2025/4xxx/CVE-2025-4151.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4151", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4152.json b/2025/4xxx/CVE-2025-4152.json new file mode 100644 index 00000000000..b48ba79bf86 --- /dev/null +++ b/2025/4xxx/CVE-2025-4152.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4152", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4153.json b/2025/4xxx/CVE-2025-4153.json new file mode 100644 index 00000000000..c6ca9da465d --- /dev/null +++ b/2025/4xxx/CVE-2025-4153.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4153", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4154.json b/2025/4xxx/CVE-2025-4154.json new file mode 100644 index 00000000000..9b2580963ad --- /dev/null +++ b/2025/4xxx/CVE-2025-4154.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4154", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4155.json b/2025/4xxx/CVE-2025-4155.json new file mode 100644 index 00000000000..2587e607064 --- /dev/null +++ b/2025/4xxx/CVE-2025-4155.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4155", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4156.json b/2025/4xxx/CVE-2025-4156.json new file mode 100644 index 00000000000..91a6481d597 --- /dev/null +++ b/2025/4xxx/CVE-2025-4156.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4156", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4157.json b/2025/4xxx/CVE-2025-4157.json new file mode 100644 index 00000000000..ecfeb2456f9 --- /dev/null +++ b/2025/4xxx/CVE-2025-4157.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4157", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4158.json b/2025/4xxx/CVE-2025-4158.json new file mode 100644 index 00000000000..176a5acab16 --- /dev/null +++ b/2025/4xxx/CVE-2025-4158.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4158", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4159.json b/2025/4xxx/CVE-2025-4159.json new file mode 100644 index 00000000000..3fc8266c39c --- /dev/null +++ b/2025/4xxx/CVE-2025-4159.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4159", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4160.json b/2025/4xxx/CVE-2025-4160.json new file mode 100644 index 00000000000..d6901e69704 --- /dev/null +++ b/2025/4xxx/CVE-2025-4160.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4160", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4161.json b/2025/4xxx/CVE-2025-4161.json new file mode 100644 index 00000000000..ec2de3a7a67 --- /dev/null +++ b/2025/4xxx/CVE-2025-4161.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4161", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4162.json b/2025/4xxx/CVE-2025-4162.json new file mode 100644 index 00000000000..7d4e8908e16 --- /dev/null +++ b/2025/4xxx/CVE-2025-4162.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4162", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4163.json b/2025/4xxx/CVE-2025-4163.json new file mode 100644 index 00000000000..964b03cdfff --- /dev/null +++ b/2025/4xxx/CVE-2025-4163.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4163", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4164.json b/2025/4xxx/CVE-2025-4164.json new file mode 100644 index 00000000000..37dc404c7bb --- /dev/null +++ b/2025/4xxx/CVE-2025-4164.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4164", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4165.json b/2025/4xxx/CVE-2025-4165.json new file mode 100644 index 00000000000..cfd28507f23 --- /dev/null +++ b/2025/4xxx/CVE-2025-4165.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4165", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file