From ff19c66016c7db3d6f4b3021cc8bfc58a3b4adc2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 19 Mar 2025 14:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/55xxx/CVE-2024-55551.json | 66 ++++++++++++++++++++++++++++++---- 2025/25xxx/CVE-2025-25500.json | 5 --- 2025/26xxx/CVE-2025-26263.json | 2 +- 2025/26xxx/CVE-2025-26264.json | 2 +- 2025/2xxx/CVE-2025-2280.json | 4 +-- 2025/2xxx/CVE-2025-2517.json | 18 ++++++++++ 2025/2xxx/CVE-2025-2518.json | 18 ++++++++++ 2025/2xxx/CVE-2025-2519.json | 18 ++++++++++ 2025/2xxx/CVE-2025-2520.json | 18 ++++++++++ 2025/2xxx/CVE-2025-2521.json | 18 ++++++++++ 2025/2xxx/CVE-2025-2522.json | 18 ++++++++++ 2025/2xxx/CVE-2025-2523.json | 18 ++++++++++ 2025/2xxx/CVE-2025-2524.json | 18 ++++++++++ 2025/30xxx/CVE-2025-30242.json | 18 ++++++++++ 2025/30xxx/CVE-2025-30243.json | 18 ++++++++++ 15 files changed, 244 insertions(+), 15 deletions(-) create mode 100644 2025/2xxx/CVE-2025-2517.json create mode 100644 2025/2xxx/CVE-2025-2518.json create mode 100644 2025/2xxx/CVE-2025-2519.json create mode 100644 2025/2xxx/CVE-2025-2520.json create mode 100644 2025/2xxx/CVE-2025-2521.json create mode 100644 2025/2xxx/CVE-2025-2522.json create mode 100644 2025/2xxx/CVE-2025-2523.json create mode 100644 2025/2xxx/CVE-2025-2524.json create mode 100644 2025/30xxx/CVE-2025-30242.json create mode 100644 2025/30xxx/CVE-2025-30243.json diff --git a/2024/55xxx/CVE-2024-55551.json b/2024/55xxx/CVE-2024-55551.json index 52d8c99ad7c..47b6f749e5a 100644 --- a/2024/55xxx/CVE-2024-55551.json +++ b/2024/55xxx/CVE-2024-55551.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2024-55551", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2024-55551", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Exasol jdbc driver 24.2.0. Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can further lead to remote code execution vulnerability." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.blackhat.com/eu-24/briefings/schedule/index.html#a-novel-attack-surface-java-authentication-and-authorization-service-jaas-42179", + "url": "https://www.blackhat.com/eu-24/briefings/schedule/index.html#a-novel-attack-surface-java-authentication-and-authorization-service-jaas-42179" + }, + { + "url": "https://docs.exasol.com/db/latest/connect_exasol/drivers/jdbc.htm", + "refsource": "MISC", + "name": "https://docs.exasol.com/db/latest/connect_exasol/drivers/jdbc.htm" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/azraelxuemo/9565ec9219e0c3e9afd5474904c39d0f", + "url": "https://gist.github.com/azraelxuemo/9565ec9219e0c3e9afd5474904c39d0f" } ] } diff --git a/2025/25xxx/CVE-2025-25500.json b/2025/25xxx/CVE-2025-25500.json index 2b52c7bab53..dbaf9a7a199 100644 --- a/2025/25xxx/CVE-2025-25500.json +++ b/2025/25xxx/CVE-2025-25500.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "url": "https://github.com/CVEProject/cveproject.github.io/blob/gh-pages/requester/reservation-guidelines.md", - "refsource": "MISC", - "name": "https://github.com/CVEProject/cveproject.github.io/blob/gh-pages/requester/reservation-guidelines.md" - }, { "refsource": "MISC", "name": "https://gist.github.com/H3T76/8096a6ff9410f3a6d9a25db1a68ae657#file-cve-2025-25500", diff --git a/2025/26xxx/CVE-2025-26263.json b/2025/26xxx/CVE-2025-26263.json index e37098130a6..18dfd6e08d0 100644 --- a/2025/26xxx/CVE-2025-26263.json +++ b/2025/26xxx/CVE-2025-26263.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "GeoVision ASManager Windows desktop application with the version 6.1.2.0 or less, is vulnerable to credentials disclosure due to improper memory handling in the ASManagerService.exe process." + "value": "GeoVision ASManager Windows desktop application with the version 6.1.2.0 or less (fixed in 6.2.0), is vulnerable to credentials disclosure due to improper memory handling in the ASManagerService.exe process." } ] }, diff --git a/2025/26xxx/CVE-2025-26264.json b/2025/26xxx/CVE-2025-26264.json index 56a2b3e6926..bc18709a443 100644 --- a/2025/26xxx/CVE-2025-26264.json +++ b/2025/26xxx/CVE-2025-26264.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "GeoVision GV-ASWeb with the version 6.1.2.0 or less, contains a Remote Code Execution (RCE) vulnerability within its Notification Settings feature. An authenticated attacker with \"System Settings\" privileges in ASWeb can exploit this flaw to execute arbitrary commands on the server, leading to a full system compromise." + "value": "GeoVision GV-ASWeb with the version 6.1.2.0 or less (fixed in 6.2.0), contains a Remote Code Execution (RCE) vulnerability within its Notification Settings feature. An authenticated attacker with \"System Settings\" privileges in ASWeb can exploit this flaw to execute arbitrary commands on the server, leading to a full system compromise." } ] }, diff --git a/2025/2xxx/CVE-2025-2280.json b/2025/2xxx/CVE-2025-2280.json index 372c823bd90..e9cdd55577a 100644 --- a/2025/2xxx/CVE-2025-2280.json +++ b/2025/2xxx/CVE-2025-2280.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "Improper access control in web extension restriction feature in Devolutions Server 2024.3.13 and earlier allows an authenticated user to bypass the browser extension restriction feature." + "value": "Improper access control in web extension restriction feature in Devolutions Server 2024.3.4.0\n\n and earlier allows an authenticated user to bypass the browser extension restriction feature." } ] }, @@ -42,7 +42,7 @@ { "version_affected": "<=", "version_name": "0", - "version_value": "2024.3.13" + "version_value": "2024.3.4.0" } ] } diff --git a/2025/2xxx/CVE-2025-2517.json b/2025/2xxx/CVE-2025-2517.json new file mode 100644 index 00000000000..3c6d671bd03 --- /dev/null +++ b/2025/2xxx/CVE-2025-2517.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2517", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2518.json b/2025/2xxx/CVE-2025-2518.json new file mode 100644 index 00000000000..ebe67473589 --- /dev/null +++ b/2025/2xxx/CVE-2025-2518.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2518", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2519.json b/2025/2xxx/CVE-2025-2519.json new file mode 100644 index 00000000000..88f5916a27b --- /dev/null +++ b/2025/2xxx/CVE-2025-2519.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2519", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2520.json b/2025/2xxx/CVE-2025-2520.json new file mode 100644 index 00000000000..bd5caa912bc --- /dev/null +++ b/2025/2xxx/CVE-2025-2520.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2520", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2521.json b/2025/2xxx/CVE-2025-2521.json new file mode 100644 index 00000000000..b4e0554cdb3 --- /dev/null +++ b/2025/2xxx/CVE-2025-2521.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2521", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2522.json b/2025/2xxx/CVE-2025-2522.json new file mode 100644 index 00000000000..6e6de21372b --- /dev/null +++ b/2025/2xxx/CVE-2025-2522.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2522", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2523.json b/2025/2xxx/CVE-2025-2523.json new file mode 100644 index 00000000000..7874038b1db --- /dev/null +++ b/2025/2xxx/CVE-2025-2523.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2523", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2524.json b/2025/2xxx/CVE-2025-2524.json new file mode 100644 index 00000000000..d07e04721cb --- /dev/null +++ b/2025/2xxx/CVE-2025-2524.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2524", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/30xxx/CVE-2025-30242.json b/2025/30xxx/CVE-2025-30242.json new file mode 100644 index 00000000000..bf9ee80cc3b --- /dev/null +++ b/2025/30xxx/CVE-2025-30242.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-30242", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/30xxx/CVE-2025-30243.json b/2025/30xxx/CVE-2025-30243.json new file mode 100644 index 00000000000..88a04611c81 --- /dev/null +++ b/2025/30xxx/CVE-2025-30243.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-30243", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file