Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit a36c7829f6b6 · 2025-11-28T09:32:38.000Z
GHSA-2pf8-84f8-xmcp GHSA-3w4g-9275-6hgj GHSA-5h78-3w3c-qh32 GHSA-7w7v-v6f9-93rj GHSA-863h-c4v7-h5fv GHSA-93q9-crcw-vwgq GHSA-w7p3-5r7j-j9pc GHSA-xh4p-6jqr-58x9
diff --git a/advisories/unreviewed/2025/11/GHSA-2pf8-84f8-xmcp/GHSA-2pf8-84f8-xmcp.json b/advisories/unreviewed/2025/11/GHSA-2pf8-84f8-xmcp/GHSA-2pf8-84f8-xmcp.json
@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2pf8-84f8-xmcp",
+  "modified": "2025-11-28T09:30:17Z",
+  "published": "2025-11-28T09:30:17Z",
+  "aliases": [
+    "CVE-2025-13769"
+  ],
+  "details": "WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13769"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.twcert.org.tw/en/cp-139-10539-21f45-2.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.twcert.org.tw/tw/cp-132-10538-6a26d-1.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-11-28T08:15:53Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/11/GHSA-3w4g-9275-6hgj/GHSA-3w4g-9275-6hgj.json b/advisories/unreviewed/2025/11/GHSA-3w4g-9275-6hgj/GHSA-3w4g-9275-6hgj.json
@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3w4g-9275-6hgj",
+  "modified": "2025-11-28T09:30:17Z",
+  "published": "2025-11-28T09:30:17Z",
+  "aliases": [
+    "CVE-2025-13770"
+  ],
+  "details": "WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13770"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.twcert.org.tw/en/cp-139-10539-21f45-2.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.twcert.org.tw/tw/cp-132-10538-6a26d-1.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-11-28T08:15:53Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/11/GHSA-5h78-3w3c-qh32/GHSA-5h78-3w3c-qh32.json b/advisories/unreviewed/2025/11/GHSA-5h78-3w3c-qh32/GHSA-5h78-3w3c-qh32.json
@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5h78-3w3c-qh32",
+  "modified": "2025-11-28T09:30:17Z",
+  "published": "2025-11-28T09:30:17Z",
+  "aliases": [
+    "CVE-2025-13771"
+  ],
+  "details": "WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13771"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.twcert.org.tw/en/cp-139-10539-21f45-2.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.twcert.org.tw/tw/cp-132-10538-6a26d-1.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-23"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-11-28T08:15:54Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/11/GHSA-7w7v-v6f9-93rj/GHSA-7w7v-v6f9-93rj.json b/advisories/unreviewed/2025/11/GHSA-7w7v-v6f9-93rj/GHSA-7w7v-v6f9-93rj.json
@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7w7v-v6f9-93rj",
+  "modified": "2025-11-28T09:30:17Z",
+  "published": "2025-11-28T09:30:17Z",
+  "aliases": [
+    "CVE-2025-13768"
+  ],
+  "details": "WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log into the system as any user by modifying a specific parameter. Attackers must first obtain a user ID to exploit this vulnerability.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13768"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.twcert.org.tw/en/cp-139-10539-21f45-2.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.twcert.org.tw/tw/cp-132-10538-6a26d-1.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-639"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-11-28T08:15:52Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/11/GHSA-863h-c4v7-h5fv/GHSA-863h-c4v7-h5fv.json b/advisories/unreviewed/2025/11/GHSA-863h-c4v7-h5fv/GHSA-863h-c4v7-h5fv.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-863h-c4v7-h5fv",
+  "modified": "2025-11-28T09:30:17Z",
+  "published": "2025-11-28T09:30:17Z",
+  "aliases": [
+    "CVE-2025-66384"
+  ],
+  "details": "app/Controller/EventsController.php in MISP before 2.5.24 has invalid logic in checking for uploaded file validity, related to tmp_name.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66384"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/misp/misp/commit/6867f0d3157a1959154bdad9ddac009dec6a19f5"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/MISP/MISP/compare/v2.5.23...v2.5.24"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-684"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-11-28T07:15:59Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/11/GHSA-93q9-crcw-vwgq/GHSA-93q9-crcw-vwgq.json b/advisories/unreviewed/2025/11/GHSA-93q9-crcw-vwgq/GHSA-93q9-crcw-vwgq.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-93q9-crcw-vwgq",
+  "modified": "2025-11-28T09:30:17Z",
+  "published": "2025-11-28T09:30:17Z",
+  "aliases": [
+    "CVE-2025-66382"
+  ],
+  "details": "In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66382"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/libexpat/libexpat/issues/1076"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-407"
+    ],
+    "severity": "LOW",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-11-28T07:15:57Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/11/GHSA-w7p3-5r7j-j9pc/GHSA-w7p3-5r7j-j9pc.json b/advisories/unreviewed/2025/11/GHSA-w7p3-5r7j-j9pc/GHSA-w7p3-5r7j-j9pc.json
@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-w7p3-5r7j-j9pc",
+  "modified": "2025-11-28T09:30:17Z",
+  "published": "2025-11-28T09:30:17Z",
+  "aliases": [
+    "CVE-2025-66386"
+  ],
+  "details": "app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site-admin.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66386"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/MISP/MISP/commit/7f4a0386d38672eddc139f5735d71c3b749623ce"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/MISP/MISP/compare/v2.5.26...v2.5.27"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-23"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-11-28T07:15:59Z"
+  }
+}
diff --git a/advisories/unreviewed/2025/11/GHSA-xh4p-6jqr-58x9/GHSA-xh4p-6jqr-58x9.json b/advisories/unreviewed/2025/11/GHSA-xh4p-6jqr-58x9/GHSA-xh4p-6jqr-58x9.json
@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-xh4p-6jqr-58x9",
+  "modified": "2025-11-28T09:30:17Z",
+  "published": "2025-11-28T09:30:17Z",
+  "aliases": [
+    "CVE-2025-66385"
+  ],
+  "details": "UsersController::edit in Cerebrate before 1.30 allows an authenticated non-privileged user to escalate their privileges (e.g., obtain a higher role such as admin) via the user-edit endpoint by supplying or modifying role_id or organisation_id fields in the edit request.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66385"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/cerebrate-project/cerebrate/commit/c9bfa90abc85d4a20a9cc2f282959b72bef829bb"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/cerebrate-project/cerebrate/compare/v1.29...v1.30"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vulnerability.circl.lu/api/vulnerability/gcve-1-2025-0017"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-472"
+    ],
+    "severity": "CRITICAL",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-11-28T07:15:59Z"
+  }
+}
