Skip to content

Commit cc7209e

Browse files
advisory-database[bot]advisory-database[bot]
committed
Advisory Database Sync
1 parent 8e0297c commit cc7209e

File tree

25 files changed

+783
-10
lines changed

25 files changed

+783
-10
lines changed

advisories/github-reviewed/2025/02/GHSA-76p7-773f-r4q5/GHSA-76p7-773f-r4q5.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-76p7-773f-r4q5",
4-
"modified": "2025-06-05T00:31:18Z",
4+
"modified": "2025-11-12T09:30:26Z",
55
"published": "2025-02-10T18:30:47Z",
66
"aliases": [
77
"CVE-2024-11831"
@@ -64,6 +64,10 @@
6464
"type": "WEB",
6565
"url": "https://access.redhat.com/errata/RHSA-2025:1468"
6666
},
67+
{
68+
"type": "WEB",
69+
"url": "https://access.redhat.com/errata/RHSA-2025:21068"
70+
},
6771
{
6872
"type": "WEB",
6973
"url": "https://access.redhat.com/errata/RHSA-2025:4511"

advisories/unreviewed/2022/06/GHSA-9rc7-jmvv-4fhr/GHSA-9rc7-jmvv-4fhr.json

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-9rc7-jmvv-4fhr",
4-
"modified": "2022-06-23T00:00:28Z",
4+
"modified": "2025-11-12T09:30:26Z",
55
"published": "2022-06-15T00:00:28Z",
66
"aliases": [
77
"CVE-2022-30231"
@@ -11,6 +11,10 @@
1111
{
1212
"type": "CVSS_V3",
1313
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
1418
}
1519
],
1620
"affected": [],
@@ -19,13 +23,18 @@
1923
"type": "ADVISORY",
2024
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30231"
2125
},
26+
{
27+
"type": "WEB",
28+
"url": "https://cert-portal.siemens.com/productcert/html/ssa-631336.html"
29+
},
2230
{
2331
"type": "WEB",
2432
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-631336.pdf"
2533
}
2634
],
2735
"database_specific": {
2836
"cwe_ids": [
37+
"CWE-402",
2938
"CWE-522"
3039
],
3140
"severity": "MODERATE",

advisories/unreviewed/2022/06/GHSA-c8r6-6crw-m7wv/GHSA-c8r6-6crw-m7wv.json

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-c8r6-6crw-m7wv",
4-
"modified": "2022-06-23T00:00:28Z",
4+
"modified": "2025-11-12T09:30:26Z",
55
"published": "2022-06-15T00:00:28Z",
66
"aliases": [
77
"CVE-2022-30230"
@@ -11,6 +11,10 @@
1111
{
1212
"type": "CVSS_V3",
1313
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
1418
}
1519
],
1620
"affected": [],
@@ -19,6 +23,10 @@
1923
"type": "ADVISORY",
2024
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30230"
2125
},
26+
{
27+
"type": "WEB",
28+
"url": "https://cert-portal.siemens.com/productcert/html/ssa-631336.html"
29+
},
2230
{
2331
"type": "WEB",
2432
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-631336.pdf"

advisories/unreviewed/2022/06/GHSA-rq2g-2prr-ww75/GHSA-rq2g-2prr-ww75.json

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-rq2g-2prr-ww75",
4-
"modified": "2022-06-25T00:00:57Z",
4+
"modified": "2025-11-12T09:30:25Z",
55
"published": "2022-06-15T00:00:28Z",
66
"aliases": [
77
"CVE-2022-30228"
@@ -11,6 +11,10 @@
1111
{
1212
"type": "CVSS_V3",
1313
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
1418
}
1519
],
1620
"affected": [],
@@ -19,6 +23,10 @@
1923
"type": "ADVISORY",
2024
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30228"
2125
},
26+
{
27+
"type": "WEB",
28+
"url": "https://cert-portal.siemens.com/productcert/html/ssa-631336.html"
29+
},
2230
{
2331
"type": "WEB",
2432
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-631336.pdf"

advisories/unreviewed/2022/06/GHSA-w7w8-pmxh-5jhc/GHSA-w7w8-pmxh-5jhc.json

Lines changed: 11 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-w7w8-pmxh-5jhc",
4-
"modified": "2022-06-24T00:00:33Z",
4+
"modified": "2025-11-12T09:30:25Z",
55
"published": "2022-06-15T00:00:28Z",
66
"aliases": [
77
"CVE-2022-30229"
@@ -11,6 +11,10 @@
1111
{
1212
"type": "CVSS_V3",
1313
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
1418
}
1519
],
1620
"affected": [],
@@ -19,14 +23,19 @@
1923
"type": "ADVISORY",
2024
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-30229"
2125
},
26+
{
27+
"type": "WEB",
28+
"url": "https://cert-portal.siemens.com/productcert/html/ssa-631336.html"
29+
},
2230
{
2331
"type": "WEB",
2432
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-631336.pdf"
2533
}
2634
],
2735
"database_specific": {
2836
"cwe_ids": [
29-
"CWE-287"
37+
"CWE-287",
38+
"CWE-306"
3039
],
3140
"severity": "MODERATE",
3241
"github_reviewed": false,

advisories/unreviewed/2022/07/GHSA-xp6h-v5w9-gwqx/GHSA-xp6h-v5w9-gwqx.json

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-xp6h-v5w9-gwqx",
4-
"modified": "2022-07-20T00:00:18Z",
4+
"modified": "2025-11-12T09:30:26Z",
55
"published": "2022-07-13T00:01:56Z",
66
"aliases": [
77
"CVE-2022-34464"
@@ -11,6 +11,10 @@
1111
{
1212
"type": "CVSS_V3",
1313
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
1418
}
1519
],
1620
"affected": [],
@@ -19,13 +23,18 @@
1923
"type": "ADVISORY",
2024
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34464"
2125
},
26+
{
27+
"type": "WEB",
28+
"url": "https://cert-portal.siemens.com/productcert/html/ssa-225578.html"
29+
},
2230
{
2331
"type": "WEB",
2432
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-225578.pdf"
2533
}
2634
],
2735
"database_specific": {
2836
"cwe_ids": [
37+
"CWE-552",
2938
"CWE-668"
3039
],
3140
"severity": "MODERATE",

advisories/unreviewed/2023/11/GHSA-9jpv-w64v-mgr2/GHSA-9jpv-w64v-mgr2.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,12 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-9jpv-w64v-mgr2",
4-
"modified": "2024-02-15T06:31:32Z",
4+
"modified": "2025-11-12T09:30:26Z",
55
"published": "2023-11-02T09:30:18Z",
66
"aliases": [
77
"CVE-2023-46595"
88
],
9-
"details": "Net-NTLM leak in Fireflow A32.20 and A32.50 allows an attacker to obtain victim’s domain credentials and Net-NTLM hash which can lead to relay domain attacks.\n\n",
9+
"details": "Net-NTLM leak in Fireflow A32.20 and A32.50 allows an attacker to obtain victim’s domain credentials and Net-NTLM hash which can lead to relay domain attacks.",
1010
"severity": [
1111
{
1212
"type": "CVSS_V3",

advisories/unreviewed/2025/09/GHSA-qc8j-wvjf-7jfj/GHSA-qc8j-wvjf-7jfj.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-qc8j-wvjf-7jfj",
4-
"modified": "2025-11-12T03:30:25Z",
4+
"modified": "2025-11-12T09:30:26Z",
55
"published": "2025-09-23T18:30:24Z",
66
"aliases": [
77
"CVE-2025-9900"
@@ -55,6 +55,10 @@
5555
"type": "WEB",
5656
"url": "https://access.redhat.com/errata/RHSA-2025:21061"
5757
},
58+
{
59+
"type": "WEB",
60+
"url": "https://access.redhat.com/errata/RHSA-2025:21060"
61+
},
5862
{
5963
"type": "WEB",
6064
"url": "https://access.redhat.com/errata/RHSA-2025:20998"

advisories/unreviewed/2025/11/GHSA-3r8r-ch94-c42m/GHSA-3r8r-ch94-c42m.json

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3r8r-ch94-c42m",
4+
"modified": "2025-11-12T09:30:27Z",
5+
"published": "2025-11-12T09:30:27Z",
6+
"aliases": [
7+
"CVE-2025-64403"
8+
],
9+
"details": "Apache OpenOffice Calc spreadsheet can contain links to other files, in the form of \"external data sources\". A missing Authorization vulnerability in Apache OpenOffice allowed an attacker to craft a document that would cause such links \nto be loaded without prompt.\n\nThis issue affects Apache OpenOffice: through 4.1.15.\n\nUsers are recommended to upgrade to version 4.1.16, which fixes the issue.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64403"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://lists.apache.org/thread/t7c6jhvdb00xtgd9vvn7h5sq9f4h5trt"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://www.openoffice.org/security/cves/CVE-2025-64403.html"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "http://www.openwall.com/lists/oss-security/2025/11/11/6"
28+
}
29+
],
30+
"database_specific": {
31+
"cwe_ids": [
32+
"CWE-862"
33+
],
34+
"severity": null,
35+
"github_reviewed": false,
36+
"github_reviewed_at": null,
37+
"nvd_published_at": "2025-11-12T09:15:41Z"
38+
}
39+
}

advisories/unreviewed/2025/11/GHSA-4765-m9wv-v7gx/GHSA-4765-m9wv-v7gx.json

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-4765-m9wv-v7gx",
4+
"modified": "2025-11-12T09:30:26Z",
5+
"published": "2025-11-12T09:30:26Z",
6+
"aliases": [
7+
"CVE-2025-12870"
8+
],
9+
"details": "The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to send crafted packets to obtain administrator access tokens and use them to access the system with elevated privileges.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12870"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://www.twcert.org.tw/en/cp-139-10487-12a32-2.html"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://www.twcert.org.tw/tw/cp-132-10486-a3459-1.html"
33+
}
34+
],
35+
"database_specific": {
36+
"cwe_ids": [
37+
"CWE-1390"
38+
],
39+
"severity": "CRITICAL",
40+
"github_reviewed": false,
41+
"github_reviewed_at": null,
42+
"nvd_published_at": "2025-11-12T08:15:41Z"
43+
}
44+
}

0 commit comments

Comments
 (0)