Publish Advisories

GHSA-2xr7-8qgr-hch2
GHSA-3cxw-q7h6-95gj
GHSA-4q8q-3r7h-5j3f
GHSA-53hw-7r73-89x3
GHSA-5mp6-372v-5m92
GHSA-5w85-6378-9j4v
GHSA-7h47-c92x-cf8w
GHSA-829c-jpvx-vfrv
GHSA-8h8x-gmrp-h6m6
GHSA-8v4q-mf53-phfq
GHSA-8wr8-qf33-p6vc
GHSA-f5xc-6j3j-hf4h
GHSA-fggr-pw4j-mqwr
GHSA-q4g4-9h3h-h3p3
GHSA-vf25-p22q-rg8q
GHSA-w247-2vxj-mgr3
GHSA-w4jg-8w9c-f6rv
GHSA-wjpm-rxpc-g4gj
GHSA-wjwr-77x9-rqfh
GHSA-wwrp-v67c-phr5
GHSA-xcmx-jj38-v524
GHSA-xp9w-j3h7-4wxv
GHSA-xr34-pc3c-449f

Author: advisory-database[bot]

advisories/unreviewed/2025/12/GHSA-2xr7-8qgr-hch2/GHSA-2xr7-8qgr-hch2.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2xr7-8qgr-hch2",
+  "modified": "2025-12-19T09:30:28Z",
+  "published": "2025-12-19T09:30:28Z",
+  "aliases": [
+    "CVE-2025-66493"
+  ],
+  "details": "A use-after-free vulnerability exists in the AcroForm handling of Foxit PDF Reader and Foxit PDF Editor before 2025.2.1,14.0.1 and 13.2.1 \n\non Windows\n\n. When opening a PDF containing specially crafted JavaScript, a pointer to memory that has already been freed may be accessed or dereferenced, potentially allowing a remote attacker to execute arbitrary code.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66493"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.foxit.com/support/security-bulletins.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-416"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T07:16:01Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-3cxw-q7h6-95gj/GHSA-3cxw-q7h6-95gj.json

@@ -0,0 +1,34 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3cxw-q7h6-95gj",
+  "modified": "2025-12-19T09:30:27Z",
+  "published": "2025-12-19T09:30:27Z",
+  "aliases": [
+    "CVE-2025-66173"
+  ],
+  "details": "There is a privilege escalation vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and gaining access to an unrestricted shell environment.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66173"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/serial-port-privilege-escalation-vulnerabilities-in-some-hikvision-nvr-devices"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T07:16:01Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-4q8q-3r7h-5j3f/GHSA-4q8q-3r7h-5j3f.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-4q8q-3r7h-5j3f",
+  "modified": "2025-12-19T09:30:28Z",
+  "published": "2025-12-19T09:30:28Z",
+  "aliases": [
+    "CVE-2025-66494"
+  ],
+  "details": "A use-after-free vulnerability exists in the PDF file parsing of Foxit PDF Reader before 2025.2.1, 14.0.1, and 13.2.1 on Windows. A PDF object managed by multiple parent objects could be freed while still being referenced, potentially allowing a remote attacker to execute arbitrary code.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66494"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.foxit.com/support/security-bulletins.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-416"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T07:16:02Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-53hw-7r73-89x3/GHSA-53hw-7r73-89x3.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-53hw-7r73-89x3",
+  "modified": "2025-12-19T09:30:28Z",
+  "published": "2025-12-19T09:30:28Z",
+  "aliases": [
+    "CVE-2025-66497"
+  ],
+  "details": "A memory corruption vulnerability exists in the 3D annotation handling of Foxit PDF Reader due to insufficient bounds checking when parsing PRC data. When opening a PDF file containing malformed or specially crafted PRC content, out-of-bounds memory access may occur, resulting in memory corruption.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66497"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.foxit.com/support/security-bulletins.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-125"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T07:16:02Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-5mp6-372v-5m92/GHSA-5mp6-372v-5m92.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5mp6-372v-5m92",
+  "modified": "2025-12-19T09:30:29Z",
+  "published": "2025-12-19T09:30:29Z",
+  "aliases": [
+    "CVE-2025-66522"
+  ],
+  "details": "A stored cross-site scripting (XSS) vulnerability exists in the Digital IDs functionality of the Foxit PDF Editor Cloud (pdfonline.foxit.com). The application does not properly sanitize or encode the Common Name field of Digital IDs before inserting user-supplied content into the DOM. As a result, embedded HTML or JavaScript may execute whenever the Digital IDs dialog is accessed or when the affected PDF is loaded.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66522"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.foxit.com/support/security-bulletins.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T08:15:54Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-5w85-6378-9j4v/GHSA-5w85-6378-9j4v.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5w85-6378-9j4v",
+  "modified": "2025-12-19T09:30:28Z",
+  "published": "2025-12-19T09:30:28Z",
+  "aliases": [
+    "CVE-2025-66499"
+  ],
+  "details": "A heap-based buffer overflow vulnerability exists in the PDF parsing of Foxit PDF Reader when processing specially crafted JBIG2 data. An integer overflow in the calculation of the image buffer size may occur, potentially allowing a remote attacker to execute arbitrary code.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66499"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.foxit.com/support/security-bulletins.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-190"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T07:16:03Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-7h47-c92x-cf8w/GHSA-7h47-c92x-cf8w.json

@@ -0,0 +1,34 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7h47-c92x-cf8w",
+  "modified": "2025-12-19T09:30:28Z",
+  "published": "2025-12-19T09:30:28Z",
+  "aliases": [
+    "CVE-2025-66174"
+  ],
+  "details": "There is an improper authentication vulnerability in some Hikvision DVR products. Due to the improper implementation of authentication for the serial port, an attacker with physical access could exploit this vulnerability by connecting to the affected products and run a series of commands.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66174"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.hikvision.com/en/support/cybersecurity/security-advisory/serial-port-privilege-escalation-vulnerabilities-in-some-hikvision-nvr-devices"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T07:16:01Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-829c-jpvx-vfrv/GHSA-829c-jpvx-vfrv.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-829c-jpvx-vfrv",
+  "modified": "2025-12-19T09:30:27Z",
+  "published": "2025-12-19T09:30:27Z",
+  "aliases": [
+    "CVE-2025-13008"
+  ],
+  "details": "An information disclosure vulnerability in M-Files Server before versions 25.12.15491.7, 25.8 LTS SR3, 25.2 LTS SR3 and 24.8 LTS SR5 allows an authenticated attacker using M-Files Web to capture session tokens of other active users.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13008"
+    },
+    {
+      "type": "WEB",
+      "url": "https://product.m-files.com/security-advisories/cve-2025-13008"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-359"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T07:15:58Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-8h8x-gmrp-h6m6/GHSA-8h8x-gmrp-h6m6.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-8h8x-gmrp-h6m6",
+  "modified": "2025-12-19T09:30:29Z",
+  "published": "2025-12-19T09:30:29Z",
+  "aliases": [
+    "CVE-2025-11747"
+  ],
+  "details": "The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the colibri_blog_posts shortcode in all versions up to, and including, 1.0.345 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11747"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/browser/colibri-page-builder/trunk/extend-builder/shortcodes/blog-posts.php#L251"
+    },
+    {
+      "type": "WEB",
+      "url": "https://plugins.trac.wordpress.org/changeset/3421590/colibri-page-builder/trunk/extend-builder/shortcodes/blog-posts.php"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/e3305b39-5f7b-493b-80b5-cb925c2710c1?source=cve"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T09:15:45Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-8v4q-mf53-phfq/GHSA-8v4q-mf53-phfq.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-8v4q-mf53-phfq",
+  "modified": "2025-12-19T09:30:28Z",
+  "published": "2025-12-19T09:30:28Z",
+  "aliases": [
+    "CVE-2025-66519"
+  ],
+  "details": "A stored cross-site scripting (XSS) vulnerability exists in pdfonline.foxit.com within the Layer Import functionality. A crafted payload can be injected into the “Create new Layer” field during layer import and is later rendered into the DOM without proper sanitization. As a result, the injected script executes when the Layers panel is accessed.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66519"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.foxit.com/support/security-bulletins.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-19T08:15:53Z"
+  }
+}