admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-05-20 22:00:32 +00:00
parent 44af1f471e
commit f2e360e126
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
4 changed files with 635 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
2025/23xxx/CVE-2025-23122.json
View File

@ -5,74 +5,13 @@
"CVE_data_meta": {
"ID": "CVE-2025-23122",
"ASSIGNER": "support@hackerone.com",
"STATE": "PUBLIC"
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in `uv_fs_s.file`: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory growth, leading to a denial of service.\r\n\r\nImpact:\r\n* This vulnerability affects APIs relying on `ReadFileUtf8` on Node.js release lines: v20 and v22."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "nodejs",
"product": {
"product_data": [
{
"product_name": "node",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "20.19.1",
"version_value": "20.19.1"
},
{
"version_affected": "<=",
"version_name": "22.15.0",
"version_value": "22.15.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://nodejs.org/en/blog/vulnerability/may-2025-security-releases",
"refsource": "MISC",
"name": "https://nodejs.org/en/blog/vulnerability/may-2025-security-releases"
}
]
},
"impact": {
"cvss": [
{
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.7,
"baseSeverity": "LOW"
"value": "** REJECT ** This CVE record has been withdrawn due to a duplicate entry CVE-2025-23165."
}
]
}

261
2025/4xxx/CVE-2025-4999.json
View File

@ -1,17 +1,270 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-4999",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000 and classified as critical. Affected by this issue is the function sub_4153FC of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument supplicant_rnd_id_en leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in Linksys FGW3000-AH and FGW3000-HK bis 1.0.17.000000 gefunden. Sie wurde als kritisch eingestuft. Davon betroffen ist die Funktion sub_4153FC der Datei /cgi-bin/sysconf.cgi der Komponente HTTP POST Request Handler. Dank der Manipulation des Arguments supplicant_rnd_id_en mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection",
"cweId": "CWE-77"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Injection",
"cweId": "CWE-74"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linksys",
"product": {
"product_data": [
{
"product_name": "FGW3000-AH",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0.0"
},
{
"version_affected": "=",
"version_value": "1.0.1"
},
{
"version_affected": "=",
"version_value": "1.0.2"
},
{
"version_affected": "=",
"version_value": "1.0.3"
},
{
"version_affected": "=",
"version_value": "1.0.4"
},
{
"version_affected": "=",
"version_value": "1.0.5"
},
{
"version_affected": "=",
"version_value": "1.0.6"
},
{
"version_affected": "=",
"version_value": "1.0.7"
},
{
"version_affected": "=",
"version_value": "1.0.8"
},
{
"version_affected": "=",
"version_value": "1.0.9"
},
{
"version_affected": "=",
"version_value": "1.0.10"
},
{
"version_affected": "=",
"version_value": "1.0.11"
},
{
"version_affected": "=",
"version_value": "1.0.12"
},
{
"version_affected": "=",
"version_value": "1.0.13"
},
{
"version_affected": "=",
"version_value": "1.0.14"
},
{
"version_affected": "=",
"version_value": "1.0.15"
},
{
"version_affected": "=",
"version_value": "1.0.16"
},
{
"version_affected": "=",
"version_value": "1.0.17.000000"
}
]
}
},
{
"product_name": "FGW3000-HK",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0.0"
},
{
"version_affected": "=",
"version_value": "1.0.1"
},
{
"version_affected": "=",
"version_value": "1.0.2"
},
{
"version_affected": "=",
"version_value": "1.0.3"
},
{
"version_affected": "=",
"version_value": "1.0.4"
},
{
"version_affected": "=",
"version_value": "1.0.5"
},
{
"version_affected": "=",
"version_value": "1.0.6"
},
{
"version_affected": "=",
"version_value": "1.0.7"
},
{
"version_affected": "=",
"version_value": "1.0.8"
},
{
"version_affected": "=",
"version_value": "1.0.9"
},
{
"version_affected": "=",
"version_value": "1.0.10"
},
{
"version_affected": "=",
"version_value": "1.0.11"
},
{
"version_affected": "=",
"version_value": "1.0.12"
},
{
"version_affected": "=",
"version_value": "1.0.13"
},
{
"version_affected": "=",
"version_value": "1.0.14"
},
{
"version_affected": "=",
"version_value": "1.0.15"
},
{
"version_affected": "=",
"version_value": "1.0.16"
},
{
"version_affected": "=",
"version_value": "1.0.17.000000"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.309650",
"refsource": "MISC",
"name": "https://vuldb.com/?id.309650"
},
{
"url": "https://vuldb.com/?ctiid.309650",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.309650"
},
{
"url": "https://vuldb.com/?submit.565909",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.565909"
},
{
"url": "https://github.com/CH13hh/tmp_store_cc/blob/main/FGW3000/1.md",
"refsource": "MISC",
"name": "https://github.com/CH13hh/tmp_store_cc/blob/main/FGW3000/1.md"
},
{
"url": "https://www.linksys.com/",
"refsource": "MISC",
"name": "https://www.linksys.com/"
}
]
},
"credits": [
{
"lang": "en",
"value": "CH13hh (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

261
2025/5xxx/CVE-2025-5000.json
View File

@ -1,17 +1,270 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-5000",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1.0.17.000000. It has been classified as critical. This affects the function control_panel_sw of the file /cgi-bin/sysconf.cgi of the component HTTP POST Request Handler. The manipulation of the argument filename leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Es wurde eine Schwachstelle in Linksys FGW3000-AH and FGW3000-HK bis 1.0.17.000000 ausgemacht. Sie wurde als kritisch eingestuft. Hiervon betroffen ist die Funktion control_panel_sw der Datei /cgi-bin/sysconf.cgi der Komponente HTTP POST Request Handler. Dank Manipulation des Arguments filename mit unbekannten Daten kann eine command injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Command Injection",
"cweId": "CWE-77"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Injection",
"cweId": "CWE-74"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Linksys",
"product": {
"product_data": [
{
"product_name": "FGW3000-AH",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0.0"
},
{
"version_affected": "=",
"version_value": "1.0.1"
},
{
"version_affected": "=",
"version_value": "1.0.2"
},
{
"version_affected": "=",
"version_value": "1.0.3"
},
{
"version_affected": "=",
"version_value": "1.0.4"
},
{
"version_affected": "=",
"version_value": "1.0.5"
},
{
"version_affected": "=",
"version_value": "1.0.6"
},
{
"version_affected": "=",
"version_value": "1.0.7"
},
{
"version_affected": "=",
"version_value": "1.0.8"
},
{
"version_affected": "=",
"version_value": "1.0.9"
},
{
"version_affected": "=",
"version_value": "1.0.10"
},
{
"version_affected": "=",
"version_value": "1.0.11"
},
{
"version_affected": "=",
"version_value": "1.0.12"
},
{
"version_affected": "=",
"version_value": "1.0.13"
},
{
"version_affected": "=",
"version_value": "1.0.14"
},
{
"version_affected": "=",
"version_value": "1.0.15"
},
{
"version_affected": "=",
"version_value": "1.0.16"
},
{
"version_affected": "=",
"version_value": "1.0.17.000000"
}
]
}
},
{
"product_name": "FGW3000-HK",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0.0"
},
{
"version_affected": "=",
"version_value": "1.0.1"
},
{
"version_affected": "=",
"version_value": "1.0.2"
},
{
"version_affected": "=",
"version_value": "1.0.3"
},
{
"version_affected": "=",
"version_value": "1.0.4"
},
{
"version_affected": "=",
"version_value": "1.0.5"
},
{
"version_affected": "=",
"version_value": "1.0.6"
},
{
"version_affected": "=",
"version_value": "1.0.7"
},
{
"version_affected": "=",
"version_value": "1.0.8"
},
{
"version_affected": "=",
"version_value": "1.0.9"
},
{
"version_affected": "=",
"version_value": "1.0.10"
},
{
"version_affected": "=",
"version_value": "1.0.11"
},
{
"version_affected": "=",
"version_value": "1.0.12"
},
{
"version_affected": "=",
"version_value": "1.0.13"
},
{
"version_affected": "=",
"version_value": "1.0.14"
},
{
"version_affected": "=",
"version_value": "1.0.15"
},
{
"version_affected": "=",
"version_value": "1.0.16"
},
{
"version_affected": "=",
"version_value": "1.0.17.000000"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.309651",
"refsource": "MISC",
"name": "https://vuldb.com/?id.309651"
},
{
"url": "https://vuldb.com/?ctiid.309651",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.309651"
},
{
"url": "https://vuldb.com/?submit.565992",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.565992"
},
{
"url": "https://github.com/CH13hh/tmp_store_cc/blob/main/FGW3000/2.md",
"refsource": "MISC",
"name": "https://github.com/CH13hh/tmp_store_cc/blob/main/FGW3000/2.md"
},
{
"url": "https://www.linksys.com/",
"refsource": "MISC",
"name": "https://www.linksys.com/"
}
]
},
"credits": [
{
"lang": "en",
"value": "CH13hh (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

123
2025/5xxx/CVE-2025-5001.json
View File

@ -1,17 +1,132 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-5001",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "In GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Betroffen ist die Funktion calloc der Datei pspp-convert.c. Mit der Manipulation des Arguments -l mit unbekannten Daten kann eine integer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Integer Overflow",
"cweId": "CWE-190"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Numeric Error",
"cweId": "CWE-189"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "GNU",
"product": {
"product_data": [
{
"product_name": "PSPP",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.309652",
"refsource": "MISC",
"name": "https://vuldb.com/?id.309652"
},
{
"url": "https://vuldb.com/?ctiid.309652",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.309652"
},
{
"url": "https://vuldb.com/?submit.569966",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.569966"
},
{
"url": "https://savannah.gnu.org/bugs/index.php?67069",
"refsource": "MISC",
"name": "https://savannah.gnu.org/bugs/index.php?67069"
},
{
"url": "https://drive.google.com/file/d/12IIt8eR591Z8O1ABOCkT_jdXSWaBxMZx/view?usp=drive_link",
"refsource": "MISC",
"name": "https://drive.google.com/file/d/12IIt8eR591Z8O1ABOCkT_jdXSWaBxMZx/view?usp=drive_link"
},
{
"url": "https://www.gnu.org/",
"refsource": "MISC",
"name": "https://www.gnu.org/"
}
]
},
"credits": [
{
"lang": "en",
"value": "Xudong Cao"
},
{
"lang": "en",
"value": "Yuqing Zhang"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.3,
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.3,
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P"
}
]
}