admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-03-03 09:00:32 +00:00
parent 3da5e0eae5
commit c321f0761c
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
13 changed files with 1016 additions and 405 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
2021/47xxx/CVE-2021-47469.json
View File

@ -5,110 +5,14 @@
"CVE_data_meta": {
"ID": "CVE-2021-47469",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: Fix deadlock when adding SPI controllers on SPI buses\n\nCurrently we have a global spi_add_lock which we take when adding new\ndevices so that we can check that we're not trying to reuse a chip\nselect that's already controlled. This means that if the SPI device is\nitself a SPI controller and triggers the instantiation of further SPI\ndevices we trigger a deadlock as we try to register and instantiate\nthose devices while in the process of doing so for the parent controller\nand hence already holding the global spi_add_lock. Since we only care\nabout concurrency within a single SPI bus move the lock to be per\ncontroller, avoiding the deadlock.\n\nThis can be easily triggered in the case of spi-mux."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "aa3f3d7bef59"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.4.286",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.230",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.14.15",
"lessThanOrEqual": "5.14.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
"value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/aa3f3d7bef59583f2d3234173105a27ff61ef8fe",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/aa3f3d7bef59583f2d3234173105a27ff61ef8fe"
},
{
"url": "https://git.kernel.org/stable/c/c8dce228db6f81dbc897a018dfc5c418e917cf64",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/c8dce228db6f81dbc897a018dfc5c418e917cf64"
},
{
"url": "https://git.kernel.org/stable/c/722ef19a161ce3fffb3d1b01ce2301c306639bdd",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/722ef19a161ce3fffb3d1b01ce2301c306639bdd"
},
{
"url": "https://git.kernel.org/stable/c/6098475d4cb48d821bdf453c61118c56e26294f0",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/6098475d4cb48d821bdf453c61118c56e26294f0"
}
]
},
"generator": {
"engine": "bippy-8e903de6a542"
}
}

165
2023/52xxx/CVE-2023-52917.json
View File

@ -5,175 +5,14 @@
"CVE_data_meta": {
"ID": "CVE-2023-52917",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir()\n\nThe debugfs_create_dir() function returns error pointers.\nIt never returns NULL. So use IS_ERR() to check it."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "e26a5843f7f5",
"version_value": "20cbc281033e"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "4.2",
"status": "affected"
},
{
"version": "0",
"lessThan": "4.2",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "4.19.323",
"lessThanOrEqual": "4.19.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.4.285",
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.10.227",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.168",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.113",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.54",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.10.13",
"lessThanOrEqual": "6.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.11.2",
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
"value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/20cbc281033ef5324f67f2d54bc539968f937255",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/20cbc281033ef5324f67f2d54bc539968f937255"
},
{
"url": "https://git.kernel.org/stable/c/4b2fbba4e44630a59b09d32627b63c4ffdf70f78",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/4b2fbba4e44630a59b09d32627b63c4ffdf70f78"
},
{
"url": "https://git.kernel.org/stable/c/ef7e34237e2612b116a84c9640628a6f7a0d693e",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/ef7e34237e2612b116a84c9640628a6f7a0d693e"
},
{
"url": "https://git.kernel.org/stable/c/a429158f2e0a7a03eb67fd5e204e1f6735c725aa",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a429158f2e0a7a03eb67fd5e204e1f6735c725aa"
},
{
"url": "https://git.kernel.org/stable/c/7cbd6d7fb9ba2be03978809c848e2e50eaeead2c",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/7cbd6d7fb9ba2be03978809c848e2e50eaeead2c"
},
{
"url": "https://git.kernel.org/stable/c/16e5bed6c1883b19f9fcbdff996aa3381954d5f3",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/16e5bed6c1883b19f9fcbdff996aa3381954d5f3"
},
{
"url": "https://git.kernel.org/stable/c/b66bf833e72a1e23d7ccafc0f8f74e80f8c357b5",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b66bf833e72a1e23d7ccafc0f8f74e80f8c357b5"
},
{
"url": "https://git.kernel.org/stable/c/babba8595d1e5d57313a6187f3e51aceacc6881a",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/babba8595d1e5d57313a6187f3e51aceacc6881a"
},
{
"url": "https://git.kernel.org/stable/c/e229897d373a87ee09ec5cc4ecd4bb2f895fc16b",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/e229897d373a87ee09ec5cc4ecd4bb2f895fc16b"
}
]
},
"generator": {
"engine": "bippy-8e903de6a542"
}
}

122
2024/50xxx/CVE-2024-50181.json
View File

@ -5,132 +5,14 @@
"CVE_data_meta": {
"ID": "CVE-2024-50181",
"ASSIGNER": "cve@kernel.org",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D\n\nFor i.MX7D DRAM related mux clock, the clock source change should ONLY\nbe done done in low level asm code without accessing DRAM, and then\ncalling clk API to sync the HW clock status with clk tree, it should never\ntouch real clock source switch via clk API, so CLK_SET_PARENT_GATE flag\nshould NOT be added, otherwise, DRAM's clock parent will be disabled when\nDRAM is active, and system will hang."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linux",
"product": {
"product_data": [
{
"product_name": "Linux",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1da177e4c3f4",
"version_value": "b677b94a9193"
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "5.10.227",
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "5.15.168",
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.1.113",
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.6.57",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.11.4",
"lessThanOrEqual": "6.11.*",
"status": "unaffected",
"versionType": "semver"
},
{
"version": "6.12",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
],
"defaultStatus": "affected"
}
"value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://git.kernel.org/stable/c/b677b94a9193ec7b6607bd1255172ae59174a382",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/b677b94a9193ec7b6607bd1255172ae59174a382"
},
{
"url": "https://git.kernel.org/stable/c/d18dc8e14b9c794f58dae1577ccb2ab84a4a1b11",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/d18dc8e14b9c794f58dae1577ccb2ab84a4a1b11"
},
{
"url": "https://git.kernel.org/stable/c/11ceb17e6f07cc30410f3a6276cddda248a9b863",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/11ceb17e6f07cc30410f3a6276cddda248a9b863"
},
{
"url": "https://git.kernel.org/stable/c/339273a9ddfe7632b717c2e13e81cbd5d383e1ff",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/339273a9ddfe7632b717c2e13e81cbd5d383e1ff"
},
{
"url": "https://git.kernel.org/stable/c/94f6cdc837e38371324cee97dfd2ef1a99a82c98",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/94f6cdc837e38371324cee97dfd2ef1a99a82c98"
},
{
"url": "https://git.kernel.org/stable/c/a54c441b46a0745683c2eef5a359d22856d27323",
"refsource": "MISC",
"name": "https://git.kernel.org/stable/c/a54c441b46a0745683c2eef5a359d22856d27323"
}
]
},
"generator": {
"engine": "bippy-8e903de6a542"
}
}

8
2024/56xxx/CVE-2024-56741.json
View File

@ -1,17 +1,17 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-56741",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@kernel.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
]
}

114
2025/1xxx/CVE-2025-1857.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1857",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as critical has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This affects an unknown part of the file /check_availability.php. The manipulation of the argument employeeid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in PHPGurukul Nipah Virus Testing Management System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /check_availability.php. Durch die Manipulation des Arguments employeeid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection",
"cweId": "CWE-89"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Injection",
"cweId": "CWE-74"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PHPGurukul",
"product": {
"product_data": [
{
"product_name": "Nipah Virus Testing Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.298125",
"refsource": "MISC",
"name": "https://vuldb.com/?id.298125"
},
{
"url": "https://vuldb.com/?ctiid.298125",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.298125"
},
{
"url": "https://vuldb.com/?submit.506120",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.506120"
},
{
"url": "https://github.com/panghuanjie/Code-audits/issues/1",
"refsource": "MISC",
"name": "https://github.com/panghuanjie/Code-audits/issues/1"
},
{
"url": "https://phpgurukul.com/",
"refsource": "MISC",
"name": "https://phpgurukul.com/"
}
]
},
"credits": [
{
"lang": "en",
"value": "panghuanjie66 (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

109
2025/1xxx/CVE-2025-1858.json
View File

@ -1,17 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1858",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as critical was found in Codezips Online Shopping Website 1.0. This vulnerability affects unknown code of the file /success.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "In Codezips Online Shopping Website 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei /success.php. Durch Manipulation des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection",
"cweId": "CWE-89"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Injection",
"cweId": "CWE-74"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Codezips",
"product": {
"product_data": [
{
"product_name": "Online Shopping Website",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.298126",
"refsource": "MISC",
"name": "https://vuldb.com/?id.298126"
},
{
"url": "https://vuldb.com/?ctiid.298126",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.298126"
},
{
"url": "https://vuldb.com/?submit.506315",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.506315"
},
{
"url": "https://github.com/Centurion-cyber/CVE/blob/main/CVE_1.md",
"refsource": "MISC",
"name": "https://github.com/Centurion-cyber/CVE/blob/main/CVE_1.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "Centurion-cyber (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

92
2025/1xxx/CVE-2025-1864.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-1864",
"ASSIGNER": "cve_disclosure@tech.gov.sg",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before <5.9.9."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "radareorg",
"product": {
"product_data": [
{
"product_name": "radare2",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "patch 5.9.9",
"status": "unaffected"
}
],
"lessThan": "<5.9.9",
"status": "affected",
"version": "0",
"versionType": "git"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/radareorg/radare2/pull/23981",
"refsource": "MISC",
"name": "https://github.com/radareorg/radare2/pull/23981"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "TITAN Team (titancaproject@gmail.com)"
}
]
}

18
2025/1xxx/CVE-2025-1865.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1865",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

92
2025/1xxx/CVE-2025-1866.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-1866",
"ASSIGNER": "cve_disclosure@tech.gov.sg",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in warmcat libwebsockets allows Pointer Manipulation, potentially leading to out-of-bounds memory access. This issue affects libwebsockets before 4.3.4 and is present in code built specifically for the Win32 platform.\n\nBy default, the affected code is not executed unless one of the following conditions is met:\n\nLWS_WITHOUT_EXTENSIONS (default ON) is manually set to OFF in CMake.\nLWS_WITH_HTTP_STREAM_COMPRESSION (default OFF) is manually set to ON in CMake.\nDespite these conditions, when triggered in affected configurations, this vulnerability may allow attackers to manipulate pointers, potentially leading to memory corruption or unexpected behavior."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "warmcat",
"product": {
"product_data": [
{
"product_name": "libwebsockets",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "patch 4.3.4",
"status": "unaffected"
}
],
"lessThan": "<4.3.4",
"status": "affected",
"version": "0",
"versionType": "git"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/warmcat/libwebsockets/commit/3f7c79fd57338aca1bf4a1b1f24e324b80d36265",
"refsource": "MISC",
"name": "https://github.com/warmcat/libwebsockets/commit/3f7c79fd57338aca1bf4a1b1f24e324b80d36265"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "TITAN Team (titancaproject@gmail.com)"
}
]
}

92
2025/1xxx/CVE-2025-1867.json Normal file
View File

@ -0,0 +1,92 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2025-1867",
"ASSIGNER": "cve_disclosure@tech.gov.sg",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in ithewei libhv allows HTTP Response Smuggling.This issue affects libhv: through 1.3.3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-444 Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')",
"cweId": "CWE-444"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ithewei",
"product": {
"product_data": [
{
"product_name": "libhv",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"changes": [
{
"at": "patch",
"status": "unaffected"
}
],
"lessThanOrEqual": "1.3.3",
"status": "affected",
"version": "0",
"versionType": "git"
}
],
"defaultStatus": "unaffected"
}
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/ithewei/libhv/pull/689",
"refsource": "MISC",
"name": "https://github.com/ithewei/libhv/pull/689"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"credits": [
{
"lang": "en",
"value": "TITAN Team (titancaproject@gmail.com)"
}
]
}

85
2025/24xxx/CVE-2025-24654.json
View File

@ -1,17 +1,94 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-24654",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "audit@patchstack.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Missing Authorization vulnerability in SEO Squirrly SEO Plugin by Squirrly SEO.This issue affects SEO Plugin by Squirrly SEO: from n/a through 12.4.05."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862 Missing Authorization",
"cweId": "CWE-862"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SEO Squirrly",
"product": {
"product_data": [
{
"product_name": "SEO Plugin by Squirrly SEO",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "n/a",
"version_value": "12.4.05"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://patchstack.com/database/wordpress/plugin/squirrly-seo/vulnerability/wordpress-squirrly-seo-plugin-12-4-05-broken-access-control-vulnerability?_s_id=cve",
"refsource": "MISC",
"name": "https://patchstack.com/database/wordpress/plugin/squirrly-seo/vulnerability/wordpress-squirrly-seo-plugin-12-4-05-broken-access-control-vulnerability?_s_id=cve"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "EXTERNAL"
},
"credits": [
{
"lang": "en",
"value": "Rafie Muhammad (Patchstack)"
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
}
]
}

201
2025/24xxx/CVE-2025-24846.json
View File

@ -1,17 +1,210 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-24846",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Authentication bypass vulnerability exists in FutureNet AS series (Industrial Routers) provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may obtain the device information such as MAC address by sending a specially crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass Using an Alternate Path or Channel",
"cweId": "CWE-288"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Century Systems Co., Ltd.",
"product": {
"product_data": [
{
"product_name": "FutureNet AS-250/S",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 1.14.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-250/F-SC",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 1.14.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-250/F-KO",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 1.14.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-250/NL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 1.14.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-250/KL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 1.14.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-250/KL Rev2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.4 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-250/L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.4 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-M250/L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.4 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-M250/KL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.4 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-M250/NL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.4 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-P250/NL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.4 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-P250/KL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.4 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-210/U4",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.4 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.centurysys.co.jp/backnumber/common/jvnvu96398949.html",
"refsource": "MISC",
"name": "https://www.centurysys.co.jp/backnumber/common/jvnvu96398949.html"
},
{
"url": "https://jvn.jp/en/vu/JVNVU96398949/",
"refsource": "MISC",
"name": "https://jvn.jp/en/vu/JVNVU96398949/"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "HIGH",
"baseScore": 7.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
}
]
}

223
2025/25xxx/CVE-2025-25280.json
View File

@ -1,17 +1,232 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-25280",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vultures@jpcert.or.jp",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Buffer overflow vulnerability exists in FutureNet AS series (Industrial Routers) and FA series (Protocol Conversion Machine) provided by Century Systems Co., Ltd. If this vulnerability is exploited, a remote unauthenticated attacker may reboot the device by sending a specially crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer overflow",
"cweId": "CWE-120"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Century Systems Co., Ltd.",
"product": {
"product_data": [
{
"product_name": "FutureNet AS-250/S",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 1.14.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-250/F-SC",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 1.14.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-250/F-KO",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 1.14.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-250/NL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 1.14.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-250/KL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 1.14.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-250/KL Rev2",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.6 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-250/L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.6 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-M250/L",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 3.0.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-M250/KL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 3.0.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-M250/NL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 3.0.0 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-P250/NL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.6 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-P250/KL",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.6 and earlier"
}
]
}
},
{
"product_name": "FutureNet AS-210/U4",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 2.6.6 and earlier"
}
]
}
},
{
"product_name": "FutureNet FA-210",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 1.1.9 and earlier"
}
]
}
},
{
"product_name": "FutureNet FA-215",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "firmware Version 1.0.1 and earlier"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.centurysys.co.jp/backnumber/common/jvnvu96398949.html",
"refsource": "MISC",
"name": "https://www.centurysys.co.jp/backnumber/common/jvnvu96398949.html"
},
{
"url": "https://jvn.jp/en/vu/JVNVU96398949/",
"refsource": "MISC",
"name": "https://jvn.jp/en/vu/JVNVU96398949/"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseSeverity": "MEDIUM",
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
}
]
}