diff --git a/2023/52xxx/CVE-2023-52315.json b/2023/52xxx/CVE-2023-52315.json index c28d8cefc88..12ff79d7c1a 100644 --- a/2023/52xxx/CVE-2023-52315.json +++ b/2023/52xxx/CVE-2023-52315.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52315", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "paddle-security@baidu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE Record has been withdrawn by its CNA." } ] } diff --git a/2023/52xxx/CVE-2023-52316.json b/2023/52xxx/CVE-2023-52316.json index 808c71ef540..279dfdac650 100644 --- a/2023/52xxx/CVE-2023-52316.json +++ b/2023/52xxx/CVE-2023-52316.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52316", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "paddle-security@baidu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE Record has been withdrawn by its CNA." } ] } diff --git a/2023/52xxx/CVE-2023-52317.json b/2023/52xxx/CVE-2023-52317.json index cb8302fc531..3411aeaecaf 100644 --- a/2023/52xxx/CVE-2023-52317.json +++ b/2023/52xxx/CVE-2023-52317.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52317", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "paddle-security@baidu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE Record has been withdrawn by its CNA." } ] } diff --git a/2023/52xxx/CVE-2023-52318.json b/2023/52xxx/CVE-2023-52318.json index 6f40ccbb245..48812512764 100644 --- a/2023/52xxx/CVE-2023-52318.json +++ b/2023/52xxx/CVE-2023-52318.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52318", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "paddle-security@baidu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE Record has been withdrawn by its CNA." } ] } diff --git a/2023/52xxx/CVE-2023-52319.json b/2023/52xxx/CVE-2023-52319.json index cca9cdc765a..c6b1021e597 100644 --- a/2023/52xxx/CVE-2023-52319.json +++ b/2023/52xxx/CVE-2023-52319.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52319", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "paddle-security@baidu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE Record has been withdrawn by its CNA." } ] } diff --git a/2023/52xxx/CVE-2023-52320.json b/2023/52xxx/CVE-2023-52320.json index bf631d21103..b125549ed45 100644 --- a/2023/52xxx/CVE-2023-52320.json +++ b/2023/52xxx/CVE-2023-52320.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52320", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "paddle-security@baidu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE Record has been withdrawn by its CNA." } ] } diff --git a/2023/52xxx/CVE-2023-52321.json b/2023/52xxx/CVE-2023-52321.json index 6ebc8d3c200..25b0a8242b6 100644 --- a/2023/52xxx/CVE-2023-52321.json +++ b/2023/52xxx/CVE-2023-52321.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-52321", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "paddle-security@baidu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** This CVE Record has been withdrawn by its CNA." } ] } diff --git a/2024/13xxx/CVE-2024-13928.json b/2024/13xxx/CVE-2024-13928.json new file mode 100644 index 00000000000..92b4d26000e --- /dev/null +++ b/2024/13xxx/CVE-2024-13928.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13928", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13929.json b/2024/13xxx/CVE-2024-13929.json new file mode 100644 index 00000000000..6e7c8f230ea --- /dev/null +++ b/2024/13xxx/CVE-2024-13929.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13929", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13930.json b/2024/13xxx/CVE-2024-13930.json new file mode 100644 index 00000000000..32c45967af2 --- /dev/null +++ b/2024/13xxx/CVE-2024-13930.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13930", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13931.json b/2024/13xxx/CVE-2024-13931.json new file mode 100644 index 00000000000..fe0f4818689 --- /dev/null +++ b/2024/13xxx/CVE-2024-13931.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13931", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/13xxx/CVE-2024-13932.json b/2024/13xxx/CVE-2024-13932.json new file mode 100644 index 00000000000..774e56bdda0 --- /dev/null +++ b/2024/13xxx/CVE-2024-13932.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-13932", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/1xxx/CVE-2025-1398.json b/2025/1xxx/CVE-2025-1398.json index 24121951944..8ab5a9593bc 100644 --- a/2025/1xxx/CVE-2025-1398.json +++ b/2025/1xxx/CVE-2025-1398.json @@ -1,17 +1,124 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-1398", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "responsibledisclosure@mattermost.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Mattermost Desktop App versions <=5.10.0 explicitly declared unnecessary macOS entitlements which allows an attacker with remote access to bypass Transparency, Consent, and Control (TCC) via code injection." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-426: Untrusted Search Path", + "cweId": "CWE-426" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Mattermost", + "product": { + "product_data": [ + { + "product_name": "Mattermost", + "version": { + "version_data": [ + { + "version_value": "not down converted", + "x_cve_json_5_version_data": { + "versions": [ + { + "lessThanOrEqual": "5.10.0", + "status": "affected", + "version": "0", + "versionType": "semver" + }, + { + "status": "unaffected", + "version": "5.11.0" + } + ], + "defaultStatus": "unaffected" + } + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://mattermost.com/security-updates", + "refsource": "MISC", + "name": "https://mattermost.com/security-updates" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.2.0" + }, + "source": { + "advisory": "MMSA-2024-00403", + "defect": [ + "https://mattermost.atlassian.net/browse/MM-61724" + ], + "discovery": "EXTERNAL" + }, + "solution": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "

Update Mattermost Desktop App to versions 5.11.0 or higher.

" + } + ], + "value": "Update Mattermost Desktop App to versions 5.11.0 or higher." + } + ], + "credits": [ + { + "lang": "en", + "value": "nullevent" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "baseScore": 3.3, + "baseSeverity": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", + "version": "3.1" } ] } diff --git a/2025/25xxx/CVE-2025-25612.json b/2025/25xxx/CVE-2025-25612.json index 91f7e329afb..013490c0598 100644 --- a/2025/25xxx/CVE-2025-25612.json +++ b/2025/25xxx/CVE-2025-25612.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-25612", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-25612", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "FS Inc S3150-8T2F prior to version S3150-8T2F_2.2.0D_135103 is vulnerable to Cross Site Scripting (XSS) in the Time Range Configuration functionality of the administration interface. An attacker can inject malicious JavaScript into the \"Time Range Name\" field, which is improperly sanitized. When this input is saved, it is later executed in the browser of any user accessing the affected page, including administrators, resulting in arbitrary script execution in the user's browser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://fs.com", + "refsource": "MISC", + "name": "http://fs.com" + }, + { + "refsource": "MISC", + "name": "https://github.com/secmuzz/CVE-2025-25612/", + "url": "https://github.com/secmuzz/CVE-2025-25612/" } ] } diff --git a/2025/25xxx/CVE-2025-25618.json b/2025/25xxx/CVE-2025-25618.json index 85cb86472ce..0955449521d 100644 --- a/2025/25xxx/CVE-2025-25618.json +++ b/2025/25xxx/CVE-2025-25618.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-25618", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-25618", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the change of Section Name and Room Number by Teachers." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/changeweb/Unifiedtransform", + "refsource": "MISC", + "name": "https://github.com/changeweb/Unifiedtransform" + }, + { + "refsource": "MISC", + "name": "https://github.com/armaansidana2003/CVE-2025-25618", + "url": "https://github.com/armaansidana2003/CVE-2025-25618" } ] } diff --git a/2025/25xxx/CVE-2025-25621.json b/2025/25xxx/CVE-2025-25621.json index d6a1643c02f..1bb97810ef9 100644 --- a/2025/25xxx/CVE-2025-25621.json +++ b/2025/25xxx/CVE-2025-25621.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-25621", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-25621", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows teachers to take attendance of fellow teachers. This affected endpoint is /courses/teacher/index?teacher_id=2&semester_id=1." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/changeweb/Unifiedtransform", + "refsource": "MISC", + "name": "https://github.com/changeweb/Unifiedtransform" + }, + { + "refsource": "MISC", + "name": "https://github.com/armaansidana2003/CVE-2025-25621", + "url": "https://github.com/armaansidana2003/CVE-2025-25621" } ] } diff --git a/2025/25xxx/CVE-2025-25650.json b/2025/25xxx/CVE-2025-25650.json index c75c7ed79b8..981714d038b 100644 --- a/2025/25xxx/CVE-2025-25650.json +++ b/2025/25xxx/CVE-2025-25650.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-25650", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-25650", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in the storage of NFC card data in Dorset DG 201 Digital Lock H5_433WBSK_v2.2_220605 allows attackers to produce cloned NFC cards to bypass authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.getkisi.com/blog/how-to-copy-access-cards-and-keyfobs", + "refsource": "MISC", + "name": "https://www.getkisi.com/blog/how-to-copy-access-cards-and-keyfobs" + }, + { + "url": "https://media.blackhat.com/us-13/US-13-Brown-RFID-Hacking-Live-Free-or-RFID-Hard-Slides.pdf", + "refsource": "MISC", + "name": "https://media.blackhat.com/us-13/US-13-Brown-RFID-Hacking-Live-Free-or-RFID-Hard-Slides.pdf" + }, + { + "refsource": "MISC", + "name": "https://github.com/AbhijithAJ/Dorset_SmartLock_Vulnerability/blob/main/Dorset_Smart_Lock_Security_Assessment_Report.pdf", + "url": "https://github.com/AbhijithAJ/Dorset_SmartLock_Vulnerability/blob/main/Dorset_Smart_Lock_Security_Assessment_Report.pdf" } ] } diff --git a/2025/26xxx/CVE-2025-26127.json b/2025/26xxx/CVE-2025-26127.json index 0fe282579a7..5e4eb768a18 100644 --- a/2025/26xxx/CVE-2025-26127.json +++ b/2025/26xxx/CVE-2025-26127.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2025-26127", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2025-26127", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stored cross-site scripting (XSS) vulnerability in the Send for Approval function of FileCloud v23.241.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.filecloud.com/supportdocs/fcdoc/latest/server/release-notes/filecloud-version-23-241-release-notes/minor-filecloud-release-23-241-3", + "refsource": "MISC", + "name": "https://www.filecloud.com/supportdocs/fcdoc/latest/server/release-notes/filecloud-version-23-241-release-notes/minor-filecloud-release-23-241-3" + }, + { + "refsource": "MISC", + "name": "https://github.com/pentesttoolscom/vulnerability-research/tree/master/CVE-2025-26127", + "url": "https://github.com/pentesttoolscom/vulnerability-research/tree/master/CVE-2025-26127" } ] } diff --git a/2025/27xxx/CVE-2025-27512.json b/2025/27xxx/CVE-2025-27512.json index d52c5d9fe0d..90b4ce60660 100644 --- a/2025/27xxx/CVE-2025-27512.json +++ b/2025/27xxx/CVE-2025-27512.json @@ -1,18 +1,97 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-27512", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the `zincati` system user to use the actions `org.projectatomic.rpmostree1.deploy` to deploy updates to the system and `org.projectatomic.rpmostree1.finalize-deployment` to reboot the system into the deployed update. Since Zincati v0.0.24, this polkit rule contains a logic error which broadens access of those polkit actions to any unprivileged user rather than just the `zincati` system user. In practice, this means that any unprivileged user with access to the system D-Bus socket is able to deploy older Fedora CoreOS versions (which may have other known vulnerabilities). Note that rpm-ostree enforces that the selected version must be from the same branch the system is currently on so this cannot directly be used to deploy an attacker-controlled update payload. This primarily impacts users running untrusted workloads with access to the system D-Bus socket. Note that in general, untrusted workloads should not be given this access, whether containerized or not. By default, containers do not have access to the system D-Bus socket. The logic error is fixed in Zincati v0.0.30. A workaround is to manually add a following polkit rule, instructions for which are available in the GitHub Security Advisory." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-783: Operator Precedence Logic Error", + "cweId": "CWE-783" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-863: Incorrect Authorization", + "cweId": "CWE-863" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "coreos", + "product": { + "product_data": [ + { + "product_name": "zincati", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 0.0.24, < 0.0.30" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/coreos/zincati/security/advisories/GHSA-w6fv-6gcc-x825", + "refsource": "MISC", + "name": "https://github.com/coreos/zincati/security/advisories/GHSA-w6fv-6gcc-x825" + }, + { + "url": "https://github.com/coreos/zincati/commit/01d8e89f799e6ba21bdf7dc668abce23bd0d8f78", + "refsource": "MISC", + "name": "https://github.com/coreos/zincati/commit/01d8e89f799e6ba21bdf7dc668abce23bd0d8f78" + }, + { + "url": "https://github.com/coreos/zincati/commit/28a43aa2c1edda091ba659677d73c13e6e3ea99d", + "refsource": "MISC", + "name": "https://github.com/coreos/zincati/commit/28a43aa2c1edda091ba659677d73c13e6e3ea99d" + }, + { + "url": "https://github.com/coreos/zincati/releases/tag/v0.0.24", + "refsource": "MISC", + "name": "https://github.com/coreos/zincati/releases/tag/v0.0.24" + }, + { + "url": "https://github.com/coreos/zincati/releases/tag/v0.0.30", + "refsource": "MISC", + "name": "https://github.com/coreos/zincati/releases/tag/v0.0.30" + } + ] + }, + "source": { + "advisory": "GHSA-w6fv-6gcc-x825", + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2025/27xxx/CVE-2025-27636.json b/2025/27xxx/CVE-2025-27636.json index 3bdaee805de..6f5572b105a 100644 --- a/2025/27xxx/CVE-2025-27636.json +++ b/2025/27xxx/CVE-2025-27636.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Bypass/Injection vulnerability in Apache Camel components under particular conditions.\n\nThis issue affects Apache Camel: from 4.10.0 through <= 4.10.1, from 4.8.0 through <= 4.8.4, from 3.10.0 through <= 3.22.3.\n\nUsers are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases.\n\n\n\nThis vulnerability is present in Camel's default incoming header filter, that allows an attacker to include Camel specific\n\nheaders that for some Camel components can alter the behaviours such as the camel-bean component, to call another method\n\non the bean, than was coded in the application. In the camel-jms component, then a mallicous header can be used to send\n\nthe message to another queue (on the same broker) than was coded in the application.\n\n\n\n\nThe attacker would need to inject custom headers, such as HTTP protocols. So if you have Camel applications that are\n\ndirectly connected to the internet via HTTP, then an attacker could include malicious HTTP headers in the HTTP requests\n\nthat are send to the Camel application.\n\n\n\n\nAll the known Camel HTTP component such as camel-servlet, camel-jetty, camel-undertow, camel-platform-http, and camel-netty-http would be vulnerable out of the box.\n\nIn these conditions an attacker could be able to forge a Camel header name and make the bean component invoking other methods in the same bean.\n\nIn terms of usage of the default header filter strategy the list of components using that is: \n\n\n * camel-activemq\n * camel-activemq6\n * camel-amqp\n * camel-aws2-sqs\n * camel-azure-servicebus\n * camel-cxf-rest\n * camel-cxf-soap\n * camel-http\n * camel-jetty\n * camel-jms\n * camel-kafka\n * camel-knative\n * camel-mail\n * camel-nats\n * camel-netty-http\n * camel-platform-http\n * camel-rest\n * camel-sjms\n * camel-spring-rabbitmq\n * camel-stomp\n * camel-tahu\n * camel-undertow\n * camel-xmpp\n\n\n\n\n\n\nThe vulnerability arises due to a bug in the default filtering mechanism that only blocks headers starting with \"Camel\", \"camel\", or \"org.apache.camel.\".\u00a0\n\n\nMitigation:\u00a0You can easily work around this in your Camel applications by removing the\u00a0headers in your Camel routes. There are many ways of doing this, also\u00a0globally or per route. This means you could use the removeHeaders EIP, to filter out anything like \"cAmel, cAMEL\" etc, or in general everything not starting with \"Camel\", \"camel\" or \"org.apache.camel.\"." + "value": "Bypass/Injection vulnerability in Apache Camel components under particular conditions.\n\nThis issue affects Apache Camel: from 4.10.0 through <= 4.10.1, from 4.8.0 through <= 4.8.4, from 3.10.0 through <= 3.22.3.\n\nUsers are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases.\n\n\n\nThis vulnerability is present in Camel's default incoming header filter, that allows an attacker to include Camel specific\n\nheaders that for some Camel components can alter the behaviours such as the camel-bean component, to call another method\n\non the bean, than was coded in the application. In the camel-jms component, then a malicious header can be used to send\n\nthe message to another queue (on the same broker) than was coded in the application. This could also be seen by using the camel-exec component\n\n\n\n\nThe attacker would need to inject custom headers, such as HTTP protocols. So if you have Camel applications that are\n\ndirectly connected to the internet via HTTP, then an attacker could include malicious HTTP headers in the HTTP requests\n\nthat are send to the Camel application.\n\n\n\n\nAll the known Camel HTTP component such as camel-servlet, camel-jetty, camel-undertow, camel-platform-http, and camel-netty-http would be vulnerable out of the box.\n\nIn these conditions an attacker could be able to forge a Camel header name and make the bean component invoking other methods in the same bean.\n\nIn terms of usage of the default header filter strategy the list of components using that is: \n\n\n * camel-activemq\n * camel-activemq6\n * camel-amqp\n * camel-aws2-sqs\n * camel-azure-servicebus\n * camel-cxf-rest\n * camel-cxf-soap\n * camel-http\n * camel-jetty\n * camel-jms\n * camel-kafka\n * camel-knative\n * camel-mail\n * camel-nats\n * camel-netty-http\n * camel-platform-http\n * camel-rest\n * camel-sjms\n * camel-spring-rabbitmq\n * camel-stomp\n * camel-tahu\n * camel-undertow\n * camel-xmpp\n\n\n\n\n\n\nThe vulnerability arises due to a bug in the default filtering mechanism that only blocks headers starting with \"Camel\", \"camel\", or \"org.apache.camel.\".\u00a0\n\n\nMitigation:\u00a0You can easily work around this in your Camel applications by removing the\u00a0headers in your Camel routes. There are many ways of doing this, also\u00a0globally or per route. This means you could use the removeHeaders EIP, to filter out anything like \"cAmel, cAMEL\" etc, or in general everything not starting with \"Camel\", \"camel\" or \"org.apache.camel.\"." } ] }, diff --git a/2025/2xxx/CVE-2025-2380.json b/2025/2xxx/CVE-2025-2380.json index f6d78686db2..2c0ef109f82 100644 --- a/2025/2xxx/CVE-2025-2380.json +++ b/2025/2xxx/CVE-2025-2380.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-2380", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in PHPGurukul Apartment Visitors Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "Eine Schwachstelle wurde in PHPGurukul Apartment Visitors Management System 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /admin-profile.php. Durch Manipulieren des Arguments mobilenumber mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection", + "cweId": "CWE-89" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Injection", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHPGurukul", + "product": { + "product_data": [ + { + "product_name": "Apartment Visitors Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.299879", + "refsource": "MISC", + "name": "https://vuldb.com/?id.299879" + }, + { + "url": "https://vuldb.com/?ctiid.299879", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.299879" + }, + { + "url": "https://vuldb.com/?submit.515873", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.515873" + }, + { + "url": "https://github.com/aionman/cve/issues/1", + "refsource": "MISC", + "name": "https://github.com/aionman/cve/issues/1" + }, + { + "url": "https://phpgurukul.com/", + "refsource": "MISC", + "name": "https://phpgurukul.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "at1on (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2025/2xxx/CVE-2025-2381.json b/2025/2xxx/CVE-2025-2381.json index 4bbc6411c53..ac2f48bb364 100644 --- a/2025/2xxx/CVE-2025-2381.json +++ b/2025/2xxx/CVE-2025-2381.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-2381", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as critical has been found in PHPGurukul Curfew e-Pass Management System 1.0. Affected is an unknown function of the file /admin/search-pass.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "Es wurde eine kritische Schwachstelle in PHPGurukul Curfew e-Pass Management System 1.0 entdeckt. Es betrifft eine unbekannte Funktion der Datei /admin/search-pass.php. Durch das Beeinflussen des Arguments searchdata mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection", + "cweId": "CWE-89" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Injection", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHPGurukul", + "product": { + "product_data": [ + { + "product_name": "Curfew e-Pass Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.299880", + "refsource": "MISC", + "name": "https://vuldb.com/?id.299880" + }, + { + "url": "https://vuldb.com/?ctiid.299880", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.299880" + }, + { + "url": "https://vuldb.com/?submit.515896", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.515896" + }, + { + "url": "https://github.com/aionman/cve/issues/4", + "refsource": "MISC", + "name": "https://github.com/aionman/cve/issues/4" + }, + { + "url": "https://phpgurukul.com/", + "refsource": "MISC", + "name": "https://phpgurukul.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "at1on (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2025/2xxx/CVE-2025-2420.json b/2025/2xxx/CVE-2025-2420.json new file mode 100644 index 00000000000..05a09304df2 --- /dev/null +++ b/2025/2xxx/CVE-2025-2420.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2420", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2421.json b/2025/2xxx/CVE-2025-2421.json new file mode 100644 index 00000000000..38537b58570 --- /dev/null +++ b/2025/2xxx/CVE-2025-2421.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2421", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2422.json b/2025/2xxx/CVE-2025-2422.json new file mode 100644 index 00000000000..80e39e79b1f --- /dev/null +++ b/2025/2xxx/CVE-2025-2422.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2422", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2423.json b/2025/2xxx/CVE-2025-2423.json new file mode 100644 index 00000000000..5474ad2a107 --- /dev/null +++ b/2025/2xxx/CVE-2025-2423.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2423", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2424.json b/2025/2xxx/CVE-2025-2424.json new file mode 100644 index 00000000000..e9915914f0f --- /dev/null +++ b/2025/2xxx/CVE-2025-2424.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2424", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2425.json b/2025/2xxx/CVE-2025-2425.json new file mode 100644 index 00000000000..660860e2071 --- /dev/null +++ b/2025/2xxx/CVE-2025-2425.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2425", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/30xxx/CVE-2025-30177.json b/2025/30xxx/CVE-2025-30177.json new file mode 100644 index 00000000000..0ccf14d900a --- /dev/null +++ b/2025/30xxx/CVE-2025-30177.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-30177", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file