diff --git a/2024/9xxx/CVE-2024-9997.json b/2024/9xxx/CVE-2024-9997.json index ca4ed2a2d64..2570c58245a 100644 --- a/2024/9xxx/CVE-2024-9997.json +++ b/2024/9xxx/CVE-2024-9997.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process." + "value": "A maliciously crafted DWG file when parsed in acdb25.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process." } ] }, @@ -40,8 +40,14 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -51,8 +57,14 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -62,8 +74,14 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -73,8 +91,14 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -84,8 +108,14 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -95,8 +125,14 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -106,8 +142,31 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" + } + ] + } + }, + { + "product_name": "Civil 3D", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -117,8 +176,14 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -128,8 +193,14 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -139,8 +210,9 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" } ] } @@ -150,8 +222,9 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" } ] } @@ -161,8 +234,9 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" } ] } @@ -172,8 +246,9 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" } ] } @@ -183,8 +258,9 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" } ] } @@ -194,26 +270,9 @@ "version": { "version_data": [ { - "version_affected": "=", - "version_value": "2025" - } - ] - } - } - ] - } - }, - { - "vendor_name": "AutoCAD", - "product": { - "product_data": [ - { - "product_name": "Civil 3D", - "version": { - "version_data": [ - { - "version_affected": "=", - "version_value": "2025" + "version_affected": "<", + "version_name": "2025", + "version_value": "2025.1.1" } ] } diff --git a/2025/1xxx/CVE-2025-1428.json b/2025/1xxx/CVE-2025-1428.json index 958315c2b9c..281e7bff028 100644 --- a/2025/1xxx/CVE-2025-1428.json +++ b/2025/1xxx/CVE-2025-1428.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process." + "value": "A maliciously crafted CATPART file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process." } ] }, @@ -42,7 +42,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -59,7 +59,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -76,7 +76,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -93,7 +93,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -110,7 +110,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -127,7 +127,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -144,7 +144,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -161,7 +161,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -178,7 +178,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", diff --git a/2025/1xxx/CVE-2025-1430.json b/2025/1xxx/CVE-2025-1430.json index 53e63a6fc45..e6152249674 100644 --- a/2025/1xxx/CVE-2025-1430.json +++ b/2025/1xxx/CVE-2025-1430.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corruption vulnerability.A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process." + "value": "A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process." } ] }, @@ -42,7 +42,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -59,7 +59,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -76,7 +76,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -93,7 +93,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -110,7 +110,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -127,7 +127,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -144,7 +144,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -161,7 +161,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", @@ -178,7 +178,7 @@ { "version_affected": "<", "version_name": "2025", - "version_value": "2025.1.1" + "version_value": "2025.1.2" }, { "version_affected": "<", diff --git a/2025/1xxx/CVE-2025-1431.json b/2025/1xxx/CVE-2025-1431.json index f067f8d6623..68810770317 100644 --- a/2025/1xxx/CVE-2025-1431.json +++ b/2025/1xxx/CVE-2025-1431.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process." + "value": "A maliciously crafted SLDPRT file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process." } ] }, @@ -43,6 +43,11 @@ "version_affected": "<", "version_name": "2025", "version_value": "2025.1.2" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -55,6 +60,11 @@ "version_affected": "<", "version_name": "2025", "version_value": "2025.1.2" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -67,6 +77,11 @@ "version_affected": "<", "version_name": "2025", "version_value": "2025.1.2" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -79,6 +94,11 @@ "version_affected": "<", "version_name": "2025", "version_value": "2025.1.2" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -91,6 +111,11 @@ "version_affected": "<", "version_name": "2025", "version_value": "2025.1.2" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -103,6 +128,11 @@ "version_affected": "<", "version_name": "2025", "version_value": "2025.1.2" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -115,6 +145,11 @@ "version_affected": "<", "version_name": "2025", "version_value": "2025.1.2" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -127,6 +162,11 @@ "version_affected": "<", "version_name": "2025", "version_value": "2025.1.2" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } @@ -139,6 +179,11 @@ "version_affected": "<", "version_name": "2025", "version_value": "2025.1.2" + }, + { + "version_affected": "<", + "version_name": "2023", + "version_value": "2023.1.7" } ] } diff --git a/2025/27xxx/CVE-2025-27520.json b/2025/27xxx/CVE-2025-27520.json index d6ca3ac575c..d9915a2e090 100644 --- a/2025/27xxx/CVE-2025-27520.json +++ b/2025/27xxx/CVE-2025-27520.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-27520", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been identified in the latest version (v1.4.2) of BentoML. It allows any unauthenticated user to execute arbitrary code on the server. It exists an unsafe code segment in serde.py. This vulnerability is fixed in 1.4.3." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502: Deserialization of Untrusted Data", + "cweId": "CWE-502" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "bentoml", + "product": { + "product_data": [ + { + "product_name": "BentoML", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": ">= 1.3.4, < 1.4.3" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc", + "refsource": "MISC", + "name": "https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc" + }, + { + "url": "https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194", + "refsource": "MISC", + "name": "https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194" + } + ] + }, + "source": { + "advisory": "GHSA-33xw-247w-6hmc", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2025/31xxx/CVE-2025-31130.json b/2025/31xxx/CVE-2025-31130.json index 2f541fc0cd2..7abd95943c7 100644 --- a/2025/31xxx/CVE-2025-31130.json +++ b/2025/31xxx/CVE-2025-31130.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-31130", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1_smol or sha1 crate, both of which implement standard SHA-1 without any mitigations for collision attacks. This means that two distinct Git objects with colliding SHA-1 hashes would break the Git object model and integrity checks when used with gitoxide. This vulnerability is fixed in 0.42.0." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-328: Use of Weak Hash", + "cweId": "CWE-328" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "GitoxideLabs", + "product": { + "product_data": [ + { + "product_name": "gitoxide", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 0.42.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6", + "refsource": "MISC", + "name": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-2frx-2596-x5r6" + }, + { + "url": "https://github.com/GitoxideLabs/gitoxide/commit/4660f7a6f71873311f68f170b0f1f6659a02829d", + "refsource": "MISC", + "name": "https://github.com/GitoxideLabs/gitoxide/commit/4660f7a6f71873311f68f170b0f1f6659a02829d" + } + ] + }, + "source": { + "advisory": "GHSA-2frx-2596-x5r6", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N", + "version": "3.1" } ] } diff --git a/2025/31xxx/CVE-2025-31480.json b/2025/31xxx/CVE-2025-31480.json index 0fc12bf20aa..f9c4ff04887 100644 --- a/2025/31xxx/CVE-2025-31480.json +++ b/2025/31xxx/CVE-2025-31480.json @@ -1,17 +1,90 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-31480", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "aiven-extras is a PostgreSQL extension. This is a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages the format function not being schema-prefixed. Affected users should install 1.1.16 and ensure they run the latest version issuing ALTER EXTENSION aiven_extras UPDATE TO '1.1.16' after installing it. This needs to happen in each database aiven_extras has been installed in." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-426: Untrusted Search Path", + "cweId": "CWE-426" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "aiven", + "product": { + "product_data": [ + { + "product_name": "aiven-extras", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 1.1.16" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/aiven/aiven-extras/security/advisories/GHSA-33xh-jqgf-6627", + "refsource": "MISC", + "name": "https://github.com/aiven/aiven-extras/security/advisories/GHSA-33xh-jqgf-6627" + }, + { + "url": "https://github.com/aiven/aiven-extras/commit/77b5f19a0c1d196bc741ff5c774f85fe7ca3063b", + "refsource": "MISC", + "name": "https://github.com/aiven/aiven-extras/commit/77b5f19a0c1d196bc741ff5c774f85fe7ca3063b" + } + ] + }, + "source": { + "advisory": "GHSA-33xh-jqgf-6627", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" } ] } diff --git a/2025/3xxx/CVE-2025-3249.json b/2025/3xxx/CVE-2025-3249.json index 8b6c1e13bf7..71e3ea5d569 100644 --- a/2025/3xxx/CVE-2025-3249.json +++ b/2025/3xxx/CVE-2025-3249.json @@ -1,17 +1,127 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-3249", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as critical was found in TOTOLINK A6000R 1.0.1-B20201211.2000. Affected by this vulnerability is the function apcli_cancel_wps of the file /usr/lib/lua/luci/controller/mtkwifi.lua. The manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "In TOTOLINK A6000R 1.0.1-B20201211.2000 wurde eine kritische Schwachstelle entdeckt. Hierbei betrifft es die Funktion apcli_cancel_wps der Datei /usr/lib/lua/luci/controller/mtkwifi.lua. Mittels dem Manipulieren mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Command Injection", + "cweId": "CWE-77" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Injection", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "TOTOLINK", + "product": { + "product_data": [ + { + "product_name": "A6000R", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0.1-B20201211.2000" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.303319", + "refsource": "MISC", + "name": "https://vuldb.com/?id.303319" + }, + { + "url": "https://vuldb.com/?ctiid.303319", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.303319" + }, + { + "url": "https://vuldb.com/?submit.543214", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.543214" + }, + { + "url": "https://github.com/fjl1113/cve/blob/main/totolink.md", + "refsource": "MISC", + "name": "https://github.com/fjl1113/cve/blob/main/totolink.md" + }, + { + "url": "https://www.totolink.net/", + "refsource": "MISC", + "name": "https://www.totolink.net/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "fjl1113 (VulDB User)" + }, + { + "lang": "en", + "value": "fjl1113 (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2025/3xxx/CVE-2025-3276.json b/2025/3xxx/CVE-2025-3276.json new file mode 100644 index 00000000000..fbbbb912e4b --- /dev/null +++ b/2025/3xxx/CVE-2025-3276.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3276", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3277.json b/2025/3xxx/CVE-2025-3277.json new file mode 100644 index 00000000000..ca96ea32fe2 --- /dev/null +++ b/2025/3xxx/CVE-2025-3277.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3277", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3278.json b/2025/3xxx/CVE-2025-3278.json new file mode 100644 index 00000000000..3aef0b42b98 --- /dev/null +++ b/2025/3xxx/CVE-2025-3278.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3278", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3279.json b/2025/3xxx/CVE-2025-3279.json new file mode 100644 index 00000000000..c024a43f772 --- /dev/null +++ b/2025/3xxx/CVE-2025-3279.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3279", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/3xxx/CVE-2025-3280.json b/2025/3xxx/CVE-2025-3280.json new file mode 100644 index 00000000000..aaf6e6eddc8 --- /dev/null +++ b/2025/3xxx/CVE-2025-3280.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-3280", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file