Advisory Database Sync

Author: advisory-database[bot]

advisories/github-reviewed/2025/11/GHSA-xh5w-g8gq-r3v9/GHSA-xh5w-g8gq-r3v9.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-xh5w-g8gq-r3v9",
-  "modified": "2025-12-16T09:31:06Z",
+  "modified": "2025-12-16T21:30:50Z",
   "published": "2025-11-24T18:31:14Z",
   "aliases": [
     "CVE-2025-13609"
@@ -52,6 +52,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2025:23201"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2025:23210"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2025-13609"

advisories/unreviewed/2022/01/GHSA-pqrf-2rwm-hmh7/GHSA-pqrf-2rwm-hmh7.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-pqrf-2rwm-hmh7",
-  "modified": "2022-02-01T00:00:50Z",
+  "modified": "2025-12-16T21:30:48Z",
   "published": "2022-01-25T00:01:05Z",
   "aliases": [
     "CVE-2021-41659"
   ],
   "details": "SQL injection vulnerability in Sourcecodester Banking System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username or password field.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {

advisories/unreviewed/2022/05/GHSA-45rh-hmqp-72c3/GHSA-45rh-hmqp-72c3.json

@@ -34,7 +34,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-352"
+      "CWE-352",
+      "CWE-79"
     ],
     "severity": "HIGH",
     "github_reviewed": false,

advisories/unreviewed/2022/05/GHSA-4g5h-x2gw-q6h2/GHSA-4g5h-x2gw-q6h2.json

@@ -44,7 +44,9 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
+    "cwe_ids": [
+      "CWE-79"
+    ],
     "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,

advisories/unreviewed/2022/05/GHSA-gm83-wf9j-jhqj/GHSA-gm83-wf9j-jhqj.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-gm83-wf9j-jhqj",
-  "modified": "2022-05-02T03:33:03Z",
+  "modified": "2025-12-16T21:30:48Z",
   "published": "2022-05-02T03:33:03Z",
   "aliases": [
     "CVE-2009-2216"
   ],
   "details": "Cross-site scripting (XSS) vulnerability in CMD_REDIRECT in DirectAdmin 1.33.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the URI in a view=advanced request.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
+    }
+  ],
   "affected": [],
   "references": [
     {

advisories/unreviewed/2022/05/GHSA-p77v-j929-9938/GHSA-p77v-j929-9938.json

@@ -36,7 +36,9 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
+    "cwe_ids": [
+      "CWE-79"
+    ],
     "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,

advisories/unreviewed/2022/05/GHSA-pqc5-6q65-965r/GHSA-pqc5-6q65-965r.json

@@ -40,7 +40,9 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
+    "cwe_ids": [
+      "CWE-79"
+    ],
     "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,

advisories/unreviewed/2022/08/GHSA-w6cp-44pj-29wv/GHSA-w6cp-44pj-29wv.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-w6cp-44pj-29wv",
-  "modified": "2022-08-29T20:06:48Z",
+  "modified": "2025-12-16T21:30:49Z",
   "published": "2022-08-27T00:00:41Z",
   "aliases": [
     "CVE-2022-36547"
@@ -23,6 +23,10 @@
       "type": "WEB",
       "url": "https://github.com/HashenUdara/edoc-doctor-appointment-system"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/onEpAth936/cve/blob/master/bug_e/edoc-doctor-appointment-system/Reflected%20Cross%20Site%20Scripting%20%28XSS%29.md"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/onEpAth936/cve/blob/master/bug_e/edoc-doctor-appointment-system/Reflected%20Cross%20Site%20Scripting%20(XSS).md"

advisories/unreviewed/2025/05/GHSA-3jv8-gwwx-wwrw/GHSA-3jv8-gwwx-wwrw.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-3jv8-gwwx-wwrw",
-  "modified": "2025-11-03T21:33:56Z",
+  "modified": "2025-12-16T21:30:49Z",
   "published": "2025-05-20T18:30:58Z",
   "aliases": [
     "CVE-2025-37982"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wl1251: fix memory leak in wl1251_tx_work\n\nThe skb dequeued from tx_queue is lost when wl1251_ps_elp_wakeup fails\nwith a -ETIMEDOUT error. Fix that by queueing the skb back to tx_queue.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -52,8 +57,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-401"
+    ],
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-05-20T17:15:48Z"

advisories/unreviewed/2025/05/GHSA-677f-c75x-79m2/GHSA-677f-c75x-79m2.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-677f-c75x-79m2",
-  "modified": "2025-11-03T21:33:57Z",
+  "modified": "2025-12-16T21:30:49Z",
   "published": "2025-05-26T15:30:34Z",
   "aliases": [
     "CVE-2025-37992"
   ],
   "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet_sched: Flush gso_skb list too during ->change()\n\nPreviously, when reducing a qdisc's limit via the ->change() operation, only\nthe main skb queue was trimmed, potentially leaving packets in the gso_skb\nlist. This could result in NULL pointer dereference when we only check\nsch->limit against sch->q.qlen.\n\nThis patch introduces a new helper, qdisc_dequeue_internal(), which ensures\nboth the gso_skb list and the main queue are properly flushed when trimming\nexcess packets. All relevant qdiscs (codel, fq, fq_codel, fq_pie, hhf, pie)\nare updated to use this helper in their ->change() routines.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -52,8 +57,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-476"
+    ],
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-05-26T15:15:19Z"