admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-04-25 03:00:38 +00:00
parent 0b9cf6a658
commit f6eb1cacc9
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
5 changed files with 278 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
2025/46xxx/CVE-2025-46544.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-46544",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2025-46544",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Sherpa Orchestrator 141851, a low-privileged user can elevate their privileges by creating new users and roles."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sherparpa.com",
"refsource": "MISC",
"name": "https://sherparpa.com"
},
{
"url": "https://twitter.com/ArtyomBrylev",
"refsource": "MISC",
"name": "https://twitter.com/ArtyomBrylev"
},
{
"url": "https://deiteriy.com",
"refsource": "MISC",
"name": "https://deiteriy.com"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/ArtemBrylev/a258f920a6556470951c9a483fcf194a",
"url": "https://gist.github.com/ArtemBrylev/a258f920a6556470951c9a483fcf194a"
}
]
}

71
2025/46xxx/CVE-2025-46545.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-46545",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2025-46545",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Sherpa Orchestrator 141851, the functionality for adding or updating licenses allows for stored XSS attacks by an administrator through the name parameter. The XSS payload can execute when the license expires."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sherparpa.com",
"refsource": "MISC",
"name": "https://sherparpa.com"
},
{
"url": "https://twitter.com/ArtyomBrylev",
"refsource": "MISC",
"name": "https://twitter.com/ArtyomBrylev"
},
{
"url": "https://deiteriy.com",
"refsource": "MISC",
"name": "https://deiteriy.com"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/ArtemBrylev/5a0c76285d5fa9daf4ec753034185de7",
"url": "https://gist.github.com/ArtemBrylev/5a0c76285d5fa9daf4ec753034185de7"
}
]
}

71
2025/46xxx/CVE-2025-46546.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-46546",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2025-46546",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Sherpa Orchestrator 141851, multiple time-based blind SQL injections can be performed by an authenticated user. This affects api/gui/asset/list, /api/gui/files/export/csv/, /api/gui/files/list, /api/gui/process/export/csv, /api/gui/process/export/xlsx, /api/gui/process/listAll, /api/gui/processVersion/export/csv/, /api/gui/processVersion/export/xlsx/, /api/gui/processVersion/list/, /api/gui/robot/list/, /api/gui/task/export/csv/, /api/gui/task/export/xlsx/, and /api/gui/task/list/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sherparpa.com",
"refsource": "MISC",
"name": "https://sherparpa.com"
},
{
"url": "https://twitter.com/ArtyomBrylev",
"refsource": "MISC",
"name": "https://twitter.com/ArtyomBrylev"
},
{
"url": "https://deiteriy.com",
"refsource": "MISC",
"name": "https://deiteriy.com"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/ArtemBrylev/59b4c0825a988f39a58b79e4e8d2f378",
"url": "https://gist.github.com/ArtemBrylev/59b4c0825a988f39a58b79e4e8d2f378"
}
]
}

71
2025/46xxx/CVE-2025-46547.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-46547",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2025-46547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In Sherpa Orchestrator 141851, the web application lacks protection against CSRF attacks, with resultant effects of an attacker conducting XSS attacks, adding a new user or role, or exploiting a SQL injection issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sherparpa.com",
"refsource": "MISC",
"name": "https://sherparpa.com"
},
{
"url": "https://twitter.com/ArtyomBrylev",
"refsource": "MISC",
"name": "https://twitter.com/ArtyomBrylev"
},
{
"url": "https://deiteriy.com",
"refsource": "MISC",
"name": "https://deiteriy.com"
},
{
"refsource": "MISC",
"name": "https://gist.github.com/ArtemBrylev/9af206c46d7505db03ad6fcd9fc46f7f",
"url": "https://gist.github.com/ArtemBrylev/9af206c46d7505db03ad6fcd9fc46f7f"
}
]
}

18
2025/46xxx/CVE-2025-46594.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-46594",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}