admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-12-30 05:58:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-04-04 02:00:30 +00:00
parent 7ffa575524
commit d7d760bc82
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
4 changed files with 344 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2025/30xxx/CVE-2025-30406.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, which enables threat actors (who know the machineKey) to serialize a payload for server-side deserialization to achieve remote code execution. NOTE: the CentreStack admin can manually delete the machineKey defined in portal\\web.config."
"value": "Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors (who know the machineKey) to serialize a payload for server-side deserialization to achieve remote code execution. NOTE: a CentreStack admin can manually delete the machineKey defined in portal\\web.config."
}
]
},

114
2025/3xxx/CVE-2025-3195.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-3195",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as critical, has been found in itsourcecode Online Blood Bank Management System 1.0. This issue affects some unknown processing of the file /bbms.php. The manipulation of the argument Search leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in itsourcecode Online Blood Bank Management System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /bbms.php. Dank der Manipulation des Arguments Search mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection",
"cweId": "CWE-89"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Injection",
"cweId": "CWE-74"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "itsourcecode",
"product": {
"product_data": [
{
"product_name": "Online Blood Bank Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.303149",
"refsource": "MISC",
"name": "https://vuldb.com/?id.303149"
},
{
"url": "https://vuldb.com/?ctiid.303149",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.303149"
},
{
"url": "https://vuldb.com/?submit.544147",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.544147"
},
{
"url": "https://github.com/p1026/CVE/issues/21",
"refsource": "MISC",
"name": "https://github.com/p1026/CVE/issues/21"
},
{
"url": "https://itsourcecode.com/",
"refsource": "MISC",
"name": "https://itsourcecode.com/"
}
]
},
"credits": [
{
"lang": "en",
"value": "PKEY (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

113
2025/3xxx/CVE-2025-3196.json
View File

@ -1,17 +1,122 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-3196",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed File Handler. The manipulation of the argument Name leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in Open Asset Import Library Assimp 5.4.3 gefunden. Sie wurde als kritisch eingestuft. Es betrifft die Funktion Assimp::MD2Importer::InternReadFile in der Bibliothek code/AssetLib/MD2/MD2Loader.cpp der Komponente Malformed File Handler. Dank Manipulation des Arguments Name mit unbekannten Daten kann eine stack-based buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Memory Corruption",
"cweId": "CWE-119"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Open Asset Import Library",
"product": {
"product_data": [
{
"product_name": "Assimp",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "5.4.3"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.303150",
"refsource": "MISC",
"name": "https://vuldb.com/?id.303150"
},
{
"url": "https://vuldb.com/?ctiid.303150",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.303150"
},
{
"url": "https://vuldb.com/?submit.545368",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.545368"
},
{
"url": "https://github.com/assimp/assimp/issues/6069",
"refsource": "MISC",
"name": "https://github.com/assimp/assimp/issues/6069"
},
{
"url": "https://github.com/assimp/assimp/issues/6069#issuecomment-2763273425",
"refsource": "MISC",
"name": "https://github.com/assimp/assimp/issues/6069#issuecomment-2763273425"
},
{
"url": "https://github.com/assimp/assimp/milestone/11",
"refsource": "MISC",
"name": "https://github.com/assimp/assimp/milestone/11"
}
]
},
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.3,
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 4.3,
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

128
2025/3xxx/CVE-2025-3198.json
View File

@ -1,17 +1,137 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-3198",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue."
},
{
"lang": "deu",
"value": "In GNU Binutils 2.43/2.44 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Das betrifft die Funktion display_info der Datei binutils/bucomm.c der Komponente objdump. Mit der Manipulation mit unbekannten Daten kann eine memory leak-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Der Patch wird als ba6ad3a18cb26b79e0e3b84c39f707535bbc344d bezeichnet. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Memory Leak",
"cweId": "CWE-401"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service",
"cweId": "CWE-404"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "GNU",
"product": {
"product_data": [
{
"product_name": "Binutils",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "2.43"
},
{
"version_affected": "=",
"version_value": "2.44"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.303151",
"refsource": "MISC",
"name": "https://vuldb.com/?id.303151"
},
{
"url": "https://vuldb.com/?ctiid.303151",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.303151"
},
{
"url": "https://vuldb.com/?submit.545773",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.545773"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32716",
"refsource": "MISC",
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=32716"
},
{
"url": "https://sourceware.org/bugzilla/show_bug.cgi?id=32716#c0",
"refsource": "MISC",
"name": "https://sourceware.org/bugzilla/show_bug.cgi?id=32716#c0"
},
{
"url": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d",
"refsource": "MISC",
"name": "https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d"
},
{
"url": "https://www.gnu.org/",
"refsource": "MISC",
"name": "https://www.gnu.org/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Haoxin Tu (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.3,
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P"
}
]
}