diff --git a/2025/37xxx/CVE-2025-37799.json b/2025/37xxx/CVE-2025-37799.json index be8d9fdf329..5bc6edb5bb7 100644 --- a/2025/37xxx/CVE-2025-37799.json +++ b/2025/37xxx/CVE-2025-37799.json @@ -40,13 +40,36 @@ "version_data": [ { "version_affected": "<", - "version_name": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", + "version_name": "aba8659caf88017507419feea06069f529329ea6", "version_value": "c4312c4d244aa58e811ff0297e013124d115e793" }, + { + "version_affected": "<", + "version_name": "e127ce7699c1e05279ee5ee61f00893e7bfa9671", + "version_value": "33e131a10459d16f181c8184d3f17f1c318c7002" + }, + { + "version_affected": "=", + "version_value": "7c8505ecc2d15473d679b8e06335434b84fffe86" + }, + { + "version_affected": "=", + "version_value": "91d017d19d5a9ad153e2dc23ed3c0e2e79ef5262" + }, { "version_value": "not down converted", "x_cve_json_5_version_data": { "versions": [ + { + "version": "6.9", + "status": "affected" + }, + { + "version": "0", + "lessThan": "6.9", + "status": "unaffected", + "versionType": "semver" + }, { "version": "6.6.89", "lessThanOrEqual": "6.6.*", @@ -64,6 +87,12 @@ "lessThanOrEqual": "6.14.*", "status": "unaffected", "versionType": "semver" + }, + { + "version": "6.15-rc5", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" } ], "defaultStatus": "affected" @@ -94,10 +123,15 @@ "url": "https://git.kernel.org/stable/c/e3ad76e36a37b0ff4a71b06d5b33530ee8c3a177", "refsource": "MISC", "name": "https://git.kernel.org/stable/c/e3ad76e36a37b0ff4a71b06d5b33530ee8c3a177" + }, + { + "url": "https://git.kernel.org/stable/c/4c2227656d9003f4d77afc76f34dd81b95e4c2c4", + "refsource": "MISC", + "name": "https://git.kernel.org/stable/c/4c2227656d9003f4d77afc76f34dd81b95e4c2c4" } ] }, "generator": { - "engine": "bippy-1.1.0" + "engine": "bippy-1.2.0" } } \ No newline at end of file diff --git a/2025/47xxx/CVE-2025-47256.json b/2025/47xxx/CVE-2025-47256.json new file mode 100644 index 00000000000..165877e4c46 --- /dev/null +++ b/2025/47xxx/CVE-2025-47256.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-47256", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/4xxx/CVE-2025-4263.json b/2025/4xxx/CVE-2025-4263.json index dca63ce30f1..defd0ff5c3b 100644 --- a/2025/4xxx/CVE-2025-4263.json +++ b/2025/4xxx/CVE-2025-4263.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-4263", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in PHPGurukul Online DJ Booking Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/booking-search.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "Eine Schwachstelle wurde in PHPGurukul Online DJ Booking Management System 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Dies betrifft einen unbekannten Teil der Datei /admin/booking-search.php. Mittels dem Manipulieren des Arguments searchdata mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection", + "cweId": "CWE-89" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Injection", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHPGurukul", + "product": { + "product_data": [ + { + "product_name": "Online DJ Booking Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.307367", + "refsource": "MISC", + "name": "https://vuldb.com/?id.307367" + }, + { + "url": "https://vuldb.com/?ctiid.307367", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.307367" + }, + { + "url": "https://vuldb.com/?submit.562991", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.562991" + }, + { + "url": "https://github.com/MoshangChunfeng/CVE/issues/2", + "refsource": "MISC", + "name": "https://github.com/MoshangChunfeng/CVE/issues/2" + }, + { + "url": "https://phpgurukul.com/", + "refsource": "MISC", + "name": "https://phpgurukul.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "YeyukongXiaodengli (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2025/4xxx/CVE-2025-4264.json b/2025/4xxx/CVE-2025-4264.json index de8c9ae6d31..671ae0061e0 100644 --- a/2025/4xxx/CVE-2025-4264.json +++ b/2025/4xxx/CVE-2025-4264.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-4264", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as critical has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected is an unknown function of the file /admin/edit-ambulance.php. The manipulation of the argument dconnum leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "Es wurde eine kritische Schwachstelle in PHPGurukul Emergency Ambulance Hiring Portal 1.0 entdeckt. Dabei betrifft es einen unbekannter Codeteil der Datei /admin/edit-ambulance.php. Mittels Manipulieren des Arguments dconnum mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection", + "cweId": "CWE-89" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Injection", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHPGurukul", + "product": { + "product_data": [ + { + "product_name": "Emergency Ambulance Hiring Portal", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.307368", + "refsource": "MISC", + "name": "https://vuldb.com/?id.307368" + }, + { + "url": "https://vuldb.com/?ctiid.307368", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.307368" + }, + { + "url": "https://vuldb.com/?submit.562992", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.562992" + }, + { + "url": "https://github.com/xiguala123/myCVE/issues/1", + "refsource": "MISC", + "name": "https://github.com/xiguala123/myCVE/issues/1" + }, + { + "url": "https://phpgurukul.com/", + "refsource": "MISC", + "name": "https://phpgurukul.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "xiguala123 (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2025/4xxx/CVE-2025-4265.json b/2025/4xxx/CVE-2025-4265.json index aaaef066f86..7622c8ae6e7 100644 --- a/2025/4xxx/CVE-2025-4265.json +++ b/2025/4xxx/CVE-2025-4265.json @@ -1,17 +1,123 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2025-4265", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability classified as critical was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/contact-us.php. The manipulation of the argument mobnum leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well." + }, + { + "lang": "deu", + "value": "In PHPGurukul Emergency Ambulance Hiring Portal 1.0 wurde eine kritische Schwachstelle entdeckt. Hierbei betrifft es unbekannten Programmcode der Datei /admin/contact-us.php. Durch das Manipulieren des Arguments mobnum mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection", + "cweId": "CWE-89" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Injection", + "cweId": "CWE-74" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHPGurukul", + "product": { + "product_data": [ + { + "product_name": "Emergency Ambulance Hiring Portal", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.307369", + "refsource": "MISC", + "name": "https://vuldb.com/?id.307369" + }, + { + "url": "https://vuldb.com/?ctiid.307369", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.307369" + }, + { + "url": "https://vuldb.com/?submit.562993", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.562993" + }, + { + "url": "https://github.com/xiguala123/myCVE/issues/2", + "refsource": "MISC", + "name": "https://github.com/xiguala123/myCVE/issues/2" + }, + { + "url": "https://phpgurukul.com/", + "refsource": "MISC", + "name": "https://phpgurukul.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "xiguala123 (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2025/4xxx/CVE-2025-4278.json b/2025/4xxx/CVE-2025-4278.json new file mode 100644 index 00000000000..299957d802f --- /dev/null +++ b/2025/4xxx/CVE-2025-4278.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-4278", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file