Skip to content

Commit 69178ee

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-2h4c-6rjw-w7rh GHSA-6rp6-72p8-59rr GHSA-7wwf-6mwx-wx77
1 parent a1d4185 commit 69178ee

File tree

3 files changed

+152
-0
lines changed

3 files changed

+152
-0
lines changed

advisories/unreviewed/2025/12/GHSA-2h4c-6rjw-w7rh/GHSA-2h4c-6rjw-w7rh.json

Lines changed: 56 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,56 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-2h4c-6rjw-w7rh",
4+
"modified": "2025-12-25T00:30:18Z",
5+
"published": "2025-12-25T00:30:18Z",
6+
"aliases": [
7+
"CVE-2025-15073"
8+
],
9+
"details": "A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contact_us.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15073"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://github.com/24ggee/CVE/issues/1"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://itsourcecode.com"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/?ctiid.338330"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/?id.338330"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://vuldb.com/?submit.721321"
45+
}
46+
],
47+
"database_specific": {
48+
"cwe_ids": [
49+
"CWE-74"
50+
],
51+
"severity": "MODERATE",
52+
"github_reviewed": false,
53+
"github_reviewed_at": null,
54+
"nvd_published_at": "2025-12-24T23:15:44Z"
55+
}
56+
}

advisories/unreviewed/2025/12/GHSA-6rp6-72p8-59rr/GHSA-6rp6-72p8-59rr.json

Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,48 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-6rp6-72p8-59rr",
4+
"modified": "2025-12-25T00:30:18Z",
5+
"published": "2025-12-25T00:30:18Z",
6+
"aliases": [
7+
"CVE-2025-68922"
8+
],
9+
"details": "OpenOps before 0.6.11 allows remote code execution in the Terraform block.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:L"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68922"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://github.com/openops-cloud/openops/pull/1767"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://github.com/openops-cloud/openops/compare/0.6.10...0.6.11"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://github.com/openops-cloud/openops/releases/tag/0.6.11"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://linear.app/openops/issue/OPS-3254"
37+
}
38+
],
39+
"database_specific": {
40+
"cwe_ids": [
41+
"CWE-78"
42+
],
43+
"severity": "HIGH",
44+
"github_reviewed": false,
45+
"github_reviewed_at": null,
46+
"nvd_published_at": "2025-12-25T00:16:03Z"
47+
}
48+
}

advisories/unreviewed/2025/12/GHSA-7wwf-6mwx-wx77/GHSA-7wwf-6mwx-wx77.json

Lines changed: 48 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,48 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-7wwf-6mwx-wx77",
4+
"modified": "2025-12-25T00:30:17Z",
5+
"published": "2025-12-25T00:30:17Z",
6+
"aliases": [
7+
"CVE-2025-68920"
8+
],
9+
"details": "C-Kermit (aka ckermit) through 10.0 Beta.12 (aka 416-beta12) before 244644d allows a remote Kermit system to overwrite files on the local system, or retrieve arbitrary files from the local system.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68920"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://github.com/KermitProject/ckermit/pull/20"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123025"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://www.complete.org/kermit"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://www.kermitproject.org/ftp/kermit/test/tar"
37+
}
38+
],
39+
"database_specific": {
40+
"cwe_ids": [
41+
"CWE-862"
42+
],
43+
"severity": "HIGH",
44+
"github_reviewed": false,
45+
"github_reviewed_at": null,
46+
"nvd_published_at": "2025-12-24T22:15:43Z"
47+
}
48+
}

0 commit comments

Comments
 (0)