admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-01 03:02:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-05-26 02:00:39 +00:00
parent c4418a83eb
commit f3ebed407d
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
4 changed files with 338 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2025/48xxx/CVE-2025-48769.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-48769",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

114
2025/5xxx/CVE-2025-5162.json
View File

@ -1,17 +1,123 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-5162",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as critical, has been found in H3C SecCenter SMP-E1114P02 up to 20250513. Affected by this issue is some unknown functionality of the file /safeEvent/importFile/. The manipulation of the argument logGeneralFile/logGeneralFile_2 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Eine kritische Schwachstelle wurde in H3C SecCenter SMP-E1114P02 bis 20250513 entdeckt. Davon betroffen ist unbekannter Code der Datei /safeEvent/importFile/. Mittels Manipulieren des Arguments logGeneralFile/logGeneralFile_2 mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unrestricted Upload",
"cweId": "CWE-434"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Improper Access Controls",
"cweId": "CWE-284"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "H3C",
"product": {
"product_data": [
{
"product_name": "SecCenter SMP-E1114P02",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "20250513"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.310250",
"refsource": "MISC",
"name": "https://vuldb.com/?id.310250"
},
{
"url": "https://vuldb.com/?ctiid.310250",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.310250"
},
{
"url": "https://vuldb.com/?submit.578679",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.578679"
},
{
"url": "https://flowus.cn/share/ce6c4094-8d97-466c-8fcc-df3f3d6f314e?code=G8A6P3",
"refsource": "MISC",
"name": "https://flowus.cn/share/ce6c4094-8d97-466c-8fcc-df3f3d6f314e?code=G8A6P3"
},
{
"url": "https://flowus.cn/share/d6c310ac-a179-499f-9e9a-5c0de80b19be?code=G8A6P3",
"refsource": "MISC",
"name": "https://flowus.cn/share/d6c310ac-a179-499f-9e9a-5c0de80b19be?code=G8A6P3"
}
]
},
"credits": [
{
"lang": "en",
"value": "0menc (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P"
}
]
}

109
2025/5xxx/CVE-2025-5163.json
View File

@ -1,17 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-5163",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability, which was classified as problematic, was found in yangshare \u6280\u672f\u6768\u5de5 warehouseManager \u4ed3\u5e93\u7ba1\u7406\u7cfb\u7edf 1.0. This affects an unknown part. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "Es wurde eine problematische Schwachstelle in yangshare \u6280\u672f\u6768\u5de5 warehouseManager \u4ed3\u5e93\u7ba1\u7406\u7cfb\u7edf 1.0 gefunden. Hiervon betroffen ist ein unbekannter Codeblock. Durch das Manipulieren mit unbekannten Daten kann eine improper access controls-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Controls",
"cweId": "CWE-284"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Incorrect Privilege Assignment",
"cweId": "CWE-266"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "yangshare \u6280\u672f\u6768\u5de5",
"product": {
"product_data": [
{
"product_name": "warehouseManager \u4ed3\u5e93\u7ba1\u7406\u7cfb\u7edf",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.310251",
"refsource": "MISC",
"name": "https://vuldb.com/?id.310251"
},
{
"url": "https://vuldb.com/?ctiid.310251",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.310251"
},
{
"url": "https://vuldb.com/?submit.576315",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.576315"
},
{
"url": "https://github.com/sumingwjl/cve/issues/1",
"refsource": "MISC",
"name": "https://github.com/sumingwjl/cve/issues/1"
}
]
},
"credits": [
{
"lang": "en",
"value": "KobayashiSM (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N"
}
]
}

109
2025/5xxx/CVE-2025-5164.json
View File

@ -1,17 +1,118 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-5164",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been found in PerfreeBlog 4.0.11 and classified as problematic. This vulnerability affects the function JwtUtil of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key\r . The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "deu",
"value": "In PerfreeBlog 4.0.11 wurde eine problematische Schwachstelle gefunden. Betroffen ist die Funktion JwtUtil der Komponente JWT Handler. Durch Manipulieren mit unbekannten Daten kann eine use of hard-coded cryptographic key\r -Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Das Ausnutzen gilt als schwierig. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of Hard-coded Cryptographic Key",
"cweId": "CWE-321"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Key Management Error",
"cweId": "CWE-320"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "PerfreeBlog",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "4.0.11"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.310252",
"refsource": "MISC",
"name": "https://vuldb.com/?id.310252"
},
{
"url": "https://vuldb.com/?ctiid.310252",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.310252"
},
{
"url": "https://vuldb.com/?submit.576433",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.576433"
},
{
"url": "https://github.com/147536951/Qiany1/blob/main/Perfreeblog_3.pdf",
"refsource": "MISC",
"name": "https://github.com/147536951/Qiany1/blob/main/Perfreeblog_3.pdf"
}
]
},
"credits": [
{
"lang": "en",
"value": "Qianyi (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.7,
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.7,
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 2.6,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N"
}
]
}