Advisory Database Sync

Author: advisory-database[bot]

advisories/github-reviewed/2025/08/GHSA-856v-8qm2-9wjv/GHSA-856v-8qm2-9wjv.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-856v-8qm2-9wjv",
-  "modified": "2025-12-04T00:30:57Z",
+  "modified": "2025-12-08T18:30:24Z",
   "published": "2025-08-07T21:31:08Z",
   "aliases": [
     "CVE-2025-7195"
@@ -41,64 +41,68 @@
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7195"
     },
     {
-      "type": "WEB",
-      "url": "https://access.redhat.com/errata/RHSA-2025:19332"
+      "type": "PACKAGE",
+      "url": "https://github.com/operator-framework/operator-sdk"
     },
     {
       "type": "WEB",
-      "url": "https://access.redhat.com/errata/RHSA-2025:19335"
+      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376300"
     },
     {
       "type": "WEB",
-      "url": "https://access.redhat.com/errata/RHSA-2025:19958"
+      "url": "https://access.redhat.com/security/cve/CVE-2025-7195"
     },
     {
       "type": "WEB",
-      "url": "https://access.redhat.com/errata/RHSA-2025:19961"
+      "url": "https://access.redhat.com/errata/RHSA-2025:22684"
     },
     {
       "type": "WEB",
-      "url": "https://access.redhat.com/errata/RHSA-2025:21368"
+      "url": "https://access.redhat.com/errata/RHSA-2025:22683"
     },
     {
       "type": "WEB",
-      "url": "https://access.redhat.com/errata/RHSA-2025:21885"
+      "url": "https://access.redhat.com/errata/RHSA-2025:22420"
     },
     {
       "type": "WEB",
-      "url": "https://access.redhat.com/errata/RHSA-2025:22415"
+      "url": "https://access.redhat.com/errata/RHSA-2025:22418"
     },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2025:22416"
     },
     {
       "type": "WEB",
-      "url": "https://access.redhat.com/errata/RHSA-2025:22418"
+      "url": "https://access.redhat.com/errata/RHSA-2025:22415"
     },
     {
       "type": "WEB",
-      "url": "https://access.redhat.com/errata/RHSA-2025:22420"
+      "url": "https://access.redhat.com/errata/RHSA-2025:21885"
     },
     {
       "type": "WEB",
-      "url": "https://access.redhat.com/errata/RHSA-2025:22683"
+      "url": "https://access.redhat.com/errata/RHSA-2025:21368"
     },
     {
       "type": "WEB",
-      "url": "https://access.redhat.com/errata/RHSA-2025:22684"
+      "url": "https://access.redhat.com/errata/RHSA-2025:19961"
     },
     {
       "type": "WEB",
-      "url": "https://access.redhat.com/security/cve/CVE-2025-7195"
+      "url": "https://access.redhat.com/errata/RHSA-2025:19958"
     },
     {
       "type": "WEB",
-      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376300"
+      "url": "https://access.redhat.com/errata/RHSA-2025:19335"
     },
     {
-      "type": "PACKAGE",
-      "url": "https://github.com/operator-framework/operator-sdk"
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2025:19332"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHBA-2024:11569"
     }
   ],
   "database_specific": {

advisories/unreviewed/2022/05/GHSA-82gq-xhgq-4fqw/GHSA-82gq-xhgq-4fqw.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-82gq-xhgq-4fqw",
-  "modified": "2022-05-14T01:30:42Z",
+  "modified": "2025-12-08T18:30:24Z",
   "published": "2022-05-14T01:30:42Z",
   "aliases": [
     "CVE-2019-9182"
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9182"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.exploit-db.com/exploits/46488"
+    },
     {
       "type": "WEB",
       "url": "http://www.iwantacve.cn/index.php/archives/119"

advisories/unreviewed/2022/05/GHSA-qpgr-mp84-gp92/GHSA-qpgr-mp84-gp92.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-qpgr-mp84-gp92",
-  "modified": "2025-10-22T00:31:37Z",
+  "modified": "2025-12-08T18:30:24Z",
   "published": "2022-05-13T01:02:54Z",
   "aliases": [
     "CVE-2019-9082"
@@ -31,6 +31,10 @@
       "type": "WEB",
       "url": "https://www.exploit-db.com/exploits/46488"
     },
+    {
+      "type": "WEB",
+      "url": "http://packetstormsecurity.com/files/151967/zzzphp-CMS-1.6.1-Cross-Site-Request-Forgery.html"
+    },
     {
       "type": "WEB",
       "url": "http://packetstormsecurity.com/files/157218/ThinkPHP-5.0.23-Remote-Code-Execution.html"

advisories/unreviewed/2023/08/GHSA-52qf-8fcc-9f9g/GHSA-52qf-8fcc-9f9g.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-52qf-8fcc-9f9g",
-  "modified": "2023-11-14T18:30:20Z",
+  "modified": "2025-12-08T18:30:24Z",
   "published": "2023-08-18T21:30:24Z",
   "aliases": [
     "CVE-2023-38890"
@@ -22,6 +22,14 @@
     {
       "type": "WEB",
       "url": "https://github.com/akshadjoshi/CVE-2023-38890"
+    },
+    {
+      "type": "WEB",
+      "url": "https://tagmachan.com/online-shopping-portal-3-1-sql-injection-to-remote-code-execution-unauthenticated.tagox"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.exploit-db.com/exploits/50029"
     }
   ],
   "database_specific": {

advisories/unreviewed/2023/10/GHSA-qh48-5646-82cv/GHSA-qh48-5646-82cv.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-qh48-5646-82cv",
-  "modified": "2024-04-04T08:57:43Z",
+  "modified": "2025-12-08T18:30:24Z",
   "published": "2023-10-27T21:30:23Z",
   "aliases": [
     "CVE-2023-40130"
@@ -23,9 +23,17 @@
       "type": "WEB",
       "url": "https://android.googlesource.com/platform/packages/services/Telecomm/+/5b335401d1c8de7d1c85f4a0cf353f7f9fc30218"
     },
+    {
+      "type": "WEB",
+      "url": "https://android.googlesource.com/platform/packages/services/Telecomm/+/a43a880beaa6a64348a1d0c821e8c7e98d741a79"
+    },
     {
       "type": "WEB",
       "url": "https://source.android.com/security/bulletin/2023-10-01"
+    },
+    {
+      "type": "WEB",
+      "url": "https://source.android.com/security/bulletin/2025-12-01"
     }
   ],
   "database_specific": {

advisories/unreviewed/2024/03/GHSA-49x6-w2c9-99x9/GHSA-49x6-w2c9-99x9.json

@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-49x6-w2c9-99x9",
-  "modified": "2024-03-16T03:30:59Z",
+  "modified": "2025-12-08T18:30:24Z",
   "published": "2024-03-16T03:30:59Z",
   "aliases": [
     "CVE-2024-27195"
   ],
-  "details": "Cross-Site Request Forgery (CSRF) vulnerability in Sandi Verdev Watermark RELOADED allows Stored XSS.This issue affects Watermark RELOADED: from n/a through 1.3.5.\n\n",
+  "details": "Cross-Site Request Forgery (CSRF) vulnerability in Sandi Verdev Watermark RELOADED allows Stored XSS.This issue affects Watermark RELOADED: from n/a through 1.3.5.",
   "severity": [
     {
       "type": "CVSS_V3",
@@ -22,6 +22,10 @@
     {
       "type": "WEB",
       "url": "https://patchstack.com/database/vulnerability/watermark-reloaded/wordpress-watermark-reloaded-plugin-1-3-5-csrf-to-xss-vulnerability?_s_id=cve"
+    },
+    {
+      "type": "WEB",
+      "url": "https://wordpress.org/plugins/watermark-reloaded/#developers"
     }
   ],
   "database_specific": {

advisories/unreviewed/2024/11/GHSA-2hrg-xmqp-9q4v/GHSA-2hrg-xmqp-9q4v.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2hrg-xmqp-9q4v",
-  "modified": "2025-07-07T18:32:15Z",
+  "modified": "2025-12-08T18:30:24Z",
   "published": "2024-11-20T21:30:50Z",
   "aliases": [
     "CVE-2024-52702"
@@ -22,6 +22,10 @@
     {
       "type": "WEB",
       "url": "https://github.com/mybb/mybb/issues/4859"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/mybb/mybb/issues/4859#issuecomment-2468480756"
     }
   ],
   "database_specific": {

advisories/unreviewed/2024/12/GHSA-5x22-49wv-3m34/GHSA-5x22-49wv-3m34.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-5x22-49wv-3m34",
-  "modified": "2024-12-06T18:30:45Z",
+  "modified": "2025-12-08T18:30:24Z",
   "published": "2024-12-06T18:30:45Z",
   "aliases": [
     "CVE-2024-50387"
   ],
   "details": "A SQL injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to inject malicious code.\n\nWe have already fixed the vulnerability in the following version:\nSMB Service 4.15.002 and later\nSMB Service h4.15.002 and later",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2024/12/GHSA-9c26-wm2f-5pm9/GHSA-9c26-wm2f-5pm9.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-9c26-wm2f-5pm9",
-  "modified": "2024-12-06T18:30:45Z",
+  "modified": "2025-12-08T18:30:24Z",
   "published": "2024-12-06T18:30:45Z",
   "aliases": [
     "CVE-2024-48863"
   ],
   "details": "A command injection vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following version:\nLicense Center 1.9.43 and later",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2025/08/GHSA-8r4m-h8m7-mf8v/GHSA-8r4m-h8m7-mf8v.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-8r4m-h8m7-mf8v",
-  "modified": "2025-08-29T18:30:54Z",
+  "modified": "2025-12-08T18:30:24Z",
   "published": "2025-08-29T18:30:54Z",
   "aliases": [
     "CVE-2025-44015"
   ],
   "details": "A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker gains local network access, they can then exploit the vulnerability to execute arbitrary commands.\n\nWe have already fixed the vulnerability in the following version:\nHybridDesk Station 4.2.18 and later",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"