"-Synchronized-Data."

2025-07-29 05:56:59 +00:00 · 2025-05-18 18:00:33 +00:00 · 2025-05-18 18:00:33 +00:00 · f2fe9fc77e
commit f2fe9fc77e
parent 68c63da865
2 changed files with 220 additions and 8 deletions
--- a/2025/4xxx/CVE-2025-4888.json
+++ b/2025/4xxx/CVE-2025-4888.json
@ -1,17 +1,123 @@
 {
+    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2025-4888",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "cna@vuldb.com",
+        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A vulnerability, which was classified as critical, was found in code-projects Pharmacy Management System 1.0. This affects the function medicineType::take_order of the component Add Order Details. The manipulation leads to buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."
+            },
+            {
+                "lang": "deu",
+                "value": "Es wurde eine kritische Schwachstelle in code-projects Pharmacy Management System 1.0 gefunden. Hiervon betroffen ist die Funktion medicineType::take_order der Komponente Add Order Details. Dank der Manipulation mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Buffer Overflow",
+                        "cweId": "CWE-120"
+                    }
+                ]
+            },
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Memory Corruption",
+                        "cweId": "CWE-119"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "code-projects",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Pharmacy Management System",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "=",
+                                            "version_value": "1.0"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://vuldb.com/?id.309441",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?id.309441"
+            },
+            {
+                "url": "https://vuldb.com/?ctiid.309441",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?ctiid.309441"
+            },
+            {
+                "url": "https://vuldb.com/?submit.577497",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?submit.577497"
+            },
+            {
+                "url": "https://github.com/zzzxc643/cve/blob/main/Pharmacy_Management_System.md",
+                "refsource": "MISC",
+                "name": "https://github.com/zzzxc643/cve/blob/main/Pharmacy_Management_System.md"
+            },
+            {
+                "url": "https://code-projects.org/",
+                "refsource": "MISC",
+                "name": "https://code-projects.org/"
+            }
+        ]
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "zzzxc (VulDB User)"
+        }
+    ],
+    "impact": {
+        "cvss": [
+            {
+                "version": "3.1",
+                "baseScore": 5.3,
+                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+                "baseSeverity": "MEDIUM"
+            },
+            {
+                "version": "3.0",
+                "baseScore": 5.3,
+                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+                "baseSeverity": "MEDIUM"
+            },
+            {
+                "version": "2.0",
+                "baseScore": 4.3,
+                "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P"
            }
        ]
    }
--- a/2025/4xxx/CVE-2025-4889.json
+++ b/2025/4xxx/CVE-2025-4889.json
@ -1,17 +1,123 @@
 {
+    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2025-4889",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "cna@vuldb.com",
+        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A vulnerability has been found in code-projects Tourism Management System 1.0 and classified as critical. This vulnerability affects the function AddUser of the component User Registration. The manipulation of the argument username/password leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used."
+            },
+            {
+                "lang": "deu",
+                "value": "In code-projects Tourism Management System 1.0 wurde eine kritische Schwachstelle gefunden. Betroffen ist die Funktion AddUser der Komponente User Registration. Dank Manipulation des Arguments username/password mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs hat dabei lokal zu erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Buffer Overflow",
+                        "cweId": "CWE-120"
+                    }
+                ]
+            },
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Memory Corruption",
+                        "cweId": "CWE-119"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "code-projects",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Tourism Management System",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "=",
+                                            "version_value": "1.0"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://vuldb.com/?id.309442",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?id.309442"
+            },
+            {
+                "url": "https://vuldb.com/?ctiid.309442",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?ctiid.309442"
+            },
+            {
+                "url": "https://vuldb.com/?submit.577498",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?submit.577498"
+            },
+            {
+                "url": "https://github.com/zzzxc643/cve/blob/main/Tourism-Management-System.md",
+                "refsource": "MISC",
+                "name": "https://github.com/zzzxc643/cve/blob/main/Tourism-Management-System.md"
+            },
+            {
+                "url": "https://code-projects.org/",
+                "refsource": "MISC",
+                "name": "https://code-projects.org/"
+            }
+        ]
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "zzzxc (VulDB User)"
+        }
+    ],
+    "impact": {
+        "cvss": [
+            {
+                "version": "3.1",
+                "baseScore": 5.3,
+                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+                "baseSeverity": "MEDIUM"
+            },
+            {
+                "version": "3.0",
+                "baseScore": 5.3,
+                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+                "baseSeverity": "MEDIUM"
+            },
+            {
+                "version": "2.0",
+                "baseScore": 4.3,
+                "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P"
            }
        ]
    }