Advisory Database Sync

Author: advisory-database[bot]

advisories/unreviewed/2022/05/GHSA-2rfj-vp7f-g45f/GHSA-2rfj-vp7f-g45f.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2rfj-vp7f-g45f",
-  "modified": "2022-10-06T18:52:05Z",
+  "modified": "2025-12-08T09:30:17Z",
   "published": "2022-05-24T19:04:14Z",
   "aliases": [
     "CVE-2021-20699"
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20699"
     },
+    {
+      "type": "WEB",
+      "url": "https://sharp-displays.jp.sharp/global/support/info/A5-1_vulnerability.html"
+    },
     {
       "type": "WEB",
       "url": "https://www.sharp-nec-displays.com/global/support/info/A5-1_vulnerability.html"

advisories/unreviewed/2024/02/GHSA-4x63-78pq-hqc9/GHSA-4x63-78pq-hqc9.json

@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4x63-78pq-hqc9",
-  "modified": "2024-02-14T21:30:31Z",
+  "modified": "2025-12-08T09:30:17Z",
   "published": "2024-02-05T09:30:28Z",
   "aliases": [
     "CVE-2023-7077"
   ],
-  "details": "Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8) allows an attacker execute remote code by sending unintended parameters in http request.\n\n",
+  "details": "Sharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554HB, E705, E805, E905, UN551S, UN551VS, X551UHD, X651UHD, X841UHD, X981UHD, MD551C8) allows an attacker execute remote code by sending unintended parameters in http request.",
   "severity": [
     {
       "type": "CVSS_V3",
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-7077"
     },
+    {
+      "type": "WEB",
+      "url": "https://sharp-displays.jp.sharp/global/support/info/A4_vulnerability.html"
+    },
     {
       "type": "WEB",
       "url": "https://www.sharp-nec-displays.com/global/support/info/A4_vulnerability.html"

advisories/unreviewed/2024/09/GHSA-c2vh-2vcm-gqjq/GHSA-c2vh-2vcm-gqjq.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-c2vh-2vcm-gqjq",
-  "modified": "2024-11-05T21:30:32Z",
+  "modified": "2025-12-08T09:30:17Z",
   "published": "2024-09-27T03:30:29Z",
   "aliases": [
     "CVE-2024-7011"
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7011"
     },
+    {
+      "type": "WEB",
+      "url": "https://sharp-displays.jp.sharp/global/support/info/Projector_vulnerability_202408.html"
+    },
     {
       "type": "WEB",
       "url": "https://www.sharp-nec-displays.com/global/support/info/Projector_vulnerability_202408.html"

advisories/unreviewed/2025/11/GHSA-r6gx-fcg6-8hhj/GHSA-r6gx-fcg6-8hhj.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-r6gx-fcg6-8hhj",
-  "modified": "2025-12-08T03:31:00Z",
+  "modified": "2025-12-08T09:30:17Z",
   "published": "2025-11-25T09:31:24Z",
   "aliases": [
     "CVE-2025-13502"
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13502"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2025:22789"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2025:22790"

advisories/unreviewed/2025/12/GHSA-22x7-mc8g-7jg9/GHSA-22x7-mc8g-7jg9.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-22x7-mc8g-7jg9",
+  "modified": "2025-12-08T09:30:18Z",
+  "published": "2025-12-08T09:30:18Z",
+  "aliases": [
+    "CVE-2025-66326"
+  ],
+  "details": "Race condition vulnerability in the audio module. Impact: Successful exploitation of this vulnerability may affect availability.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66326"
+    },
+    {
+      "type": "WEB",
+      "url": "https://consumer.huawei.com/en/support/bulletin/2025/12"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-416"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-08T08:15:54Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-282p-p74m-mx9r/GHSA-282p-p74m-mx9r.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-282p-p74m-mx9r",
+  "modified": "2025-12-08T09:30:19Z",
+  "published": "2025-12-08T09:30:19Z",
+  "aliases": [
+    "CVE-2025-66333"
+  ],
+  "details": "Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66333"
+    },
+    {
+      "type": "WEB",
+      "url": "https://consumer.huawei.com/en/support/bulletin/2025/12"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-494"
+    ],
+    "severity": "LOW",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-08T09:15:48Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-2rh7-xqm7-m994/GHSA-2rh7-xqm7-m994.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2rh7-xqm7-m994",
+  "modified": "2025-12-08T09:30:18Z",
+  "published": "2025-12-08T09:30:18Z",
+  "aliases": [
+    "CVE-2025-12956"
+  ],
+  "details": "A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12956"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.3ds.com/trust-center/security/security-advisories/cve-2025-12956"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-08T09:15:46Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-3673-w8f8-x9q3/GHSA-3673-w8f8-x9q3.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3673-w8f8-x9q3",
+  "modified": "2025-12-08T09:30:17Z",
+  "published": "2025-12-08T09:30:17Z",
+  "aliases": [
+    "CVE-2025-14255"
+  ],
+  "details": "Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14255"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.twcert.org.tw/en/cp-139-10543-380bd-2.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.twcert.org.tw/tw/cp-132-10542-4c682-1.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-08T08:15:52Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-3fj7-8wvw-vhf5/GHSA-3fj7-8wvw-vhf5.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3fj7-8wvw-vhf5",
+  "modified": "2025-12-08T09:30:19Z",
+  "published": "2025-12-08T09:30:19Z",
+  "aliases": [
+    "CVE-2025-66334"
+  ],
+  "details": "Denial of service (DoS) vulnerability in the office service. Impact: Successful exploitation of this vulnerability may affect availability.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66334"
+    },
+    {
+      "type": "WEB",
+      "url": "https://consumer.huawei.com/en/support/bulletin/2025/12"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-494"
+    ],
+    "severity": "LOW",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-08T09:15:48Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-65p6-q569-qv43/GHSA-65p6-q569-qv43.json

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-65p6-q569-qv43",
+  "modified": "2025-12-08T09:30:17Z",
+  "published": "2025-12-08T09:30:17Z",
+  "aliases": [
+    "CVE-2025-14223"
+  ],
+  "details": "A vulnerability has been found in code-projects Simple Leave Manager 1.0. Affected by this vulnerability is an unknown functionality of the file /request.php. Such manipulation of the argument staff_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14223"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/woshilaiyi/cve/issues/4"
+    },
+    {
+      "type": "WEB",
+      "url": "https://code-projects.org"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.334665"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.334665"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.701639"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-74"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-08T08:15:51Z"
+  }
+}