Advisory Database Sync

Author: advisory-database[bot]

advisories/unreviewed/2025/02/GHSA-jx64-r67p-6v8c/GHSA-jx64-r67p-6v8c.json

@@ -30,7 +30,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-1295"
+      "CWE-1295",
+      "CWE-532"
     ],
     "severity": "HIGH",
     "github_reviewed": false,

advisories/unreviewed/2025/02/GHSA-m4cp-qj9v-7wpc/GHSA-m4cp-qj9v-7wpc.json

@@ -26,7 +26,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-77"
+      "CWE-77",
+      "CWE-78"
     ],
     "severity": "HIGH",
     "github_reviewed": false,

advisories/unreviewed/2025/08/GHSA-fr8x-pm73-6f4h/GHSA-fr8x-pm73-6f4h.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-fr8x-pm73-6f4h",
-  "modified": "2025-08-28T18:30:38Z",
+  "modified": "2025-09-09T21:30:25Z",
   "published": "2025-08-28T18:30:38Z",
   "aliases": [
     "CVE-2024-13986"
   ],
   "details": "Nagios XI < 2024R1.3.2 contains a remote code execution vulnerability by chaining two flaws: an arbitrary file upload and a path traversal in the Core Config Snapshots interface. The issue arises from insufficient validation of file paths and extensions during MIB upload and snapshot rename operations. Exploitation results in the placement of attacker-controlled PHP files in a web-accessible directory, executed as the www-data user.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2025/08/GHSA-w6r8-h9q4-qq7v/GHSA-w6r8-h9q4-qq7v.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-w6r8-h9q4-qq7v",
-  "modified": "2025-08-20T15:31:42Z",
+  "modified": "2025-09-09T21:30:24Z",
   "published": "2025-08-20T15:31:42Z",
   "aliases": [
     "CVE-2025-8448"
@@ -11,6 +11,10 @@
     {
       "type": "CVSS_V3",
       "score": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:A/AC:H/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
     }
   ],
   "affected": [],

advisories/unreviewed/2025/08/GHSA-wfxh-fhm9-jjv9/GHSA-wfxh-fhm9-jjv9.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-wfxh-fhm9-jjv9",
-  "modified": "2025-08-28T00:30:29Z",
+  "modified": "2025-09-09T21:30:25Z",
   "published": "2025-08-28T00:30:29Z",
   "aliases": [
     "CVE-2023-7308"
   ],
   "details": "SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information disclosure vulnerability in the /cgi-bin/authUser/authManageSet.cgi endpoint. The affected component fails to enforce authentication checks on POST requests to retrieve user data. An unauthenticated remote attacker can exploit this flaw to obtain sensitive information, including user identifiers and configuration details, by sending crafted requests to the vulnerable endpoint. An affected version range is undefined.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
@@ -34,7 +38,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-200"
+      "CWE-200",
+      "CWE-306"
     ],
     "severity": "HIGH",
     "github_reviewed": false,

advisories/unreviewed/2025/08/GHSA-x8gj-2629-fvg8/GHSA-x8gj-2629-fvg8.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-x8gj-2629-fvg8",
-  "modified": "2025-08-28T21:31:25Z",
+  "modified": "2025-09-09T21:30:25Z",
   "published": "2025-08-28T00:30:29Z",
   "aliases": [
     "CVE-2024-13979"
   ],
   "details": "A SQL injection vulnerability exists in the St. Joe ERP system (\"圣乔ERP系统\") that allows unauthenticated remote attackers to execute arbitrary SQL commands via crafted HTTP POST requests to the login endpoint. The application fails to properly sanitize user-supplied input before incorporating it into SQL queries, enabling direct manipulation of the backend database. Successful exploitation may result in unauthorized data access, modification of records, or limited disruption of service. An affected version range is undefined.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2025/09/GHSA-2cm8-jvh6-3x6v/GHSA-2cm8-jvh6-3x6v.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2cm8-jvh6-3x6v",
+  "modified": "2025-09-09T21:30:30Z",
+  "published": "2025-09-09T21:30:30Z",
+  "aliases": [
+    "CVE-2025-54257"
+  ],
+  "details": "Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file, and scope is unchanged.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54257"
+    },
+    {
+      "type": "WEB",
+      "url": "https://helpx.adobe.com/security/products/acrobat/apsb25-85.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-416"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-09T20:15:44Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-2qxf-2q6r-ff67/GHSA-2qxf-2q6r-ff67.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2qxf-2q6r-ff67",
+  "modified": "2025-09-09T21:30:28Z",
+  "published": "2025-09-09T21:30:28Z",
+  "aliases": [
+    "CVE-2025-55052"
+  ],
+  "details": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55052"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-200"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-09T19:15:54Z"
+  }
+}

advisories/unreviewed/2025/09/GHSA-34r3-h75p-74mh/GHSA-34r3-h75p-74mh.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-34r3-h75p-74mh",
-  "modified": "2025-09-09T06:30:17Z",
+  "modified": "2025-09-09T21:30:26Z",
   "published": "2025-09-09T06:30:17Z",
   "aliases": [
     "CVE-2025-8889"
   ],
   "details": "The Compress & Upload WordPress plugin before 1.0.5 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -21,7 +26,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-09-09T06:15:32Z"

advisories/unreviewed/2025/09/GHSA-3cv5-r4jh-v4pj/GHSA-3cv5-r4jh-v4pj.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3cv5-r4jh-v4pj",
+  "modified": "2025-09-09T21:30:29Z",
+  "published": "2025-09-09T21:30:28Z",
+  "aliases": [
+    "CVE-2025-34173"
+  ],
+  "details": "In pfSense CE /usr/local/www/snort/snort_ip_reputation.php, the value of the iplist parameter is not sanitized of directory traversal-related characters/strings before being used to check if a file exists. While the contents of the file cannot be read, the server reveals whether a file exists, which allows an attacker to enumerate files on the target. The attacker must be authenticated with at least \"WebCfg - Services: Snort package\" permissions.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-34173"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/pfsense/FreeBSD-ports/commit/d6f462bcc446969f8955c16cfde300d5c9ab7435"
+    },
+    {
+      "type": "WEB",
+      "url": "https://redmine.pfsense.org/issues/16412"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-22"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-09-09T20:15:38Z"
+  }
+}