Skip to content

Commit 069357e

Browse files
Advisory Database Sync
1 parent 2e0b5d3 commit 069357e

67 files changed

Lines changed: 1880 additions & 133 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

advisories/unreviewed/2025/05/GHSA-3h37-cc2v-wm7x/GHSA-3h37-cc2v-wm7x.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-3h37-cc2v-wm7x",
4-
"modified": "2025-05-28T15:33:59Z",
4+
"modified": "2026-06-06T06:30:27Z",
55
"published": "2025-05-02T09:30:35Z",
66
"aliases": [
77
"CVE-2025-2812"
@@ -23,6 +23,10 @@
2323
"type": "WEB",
2424
"url": "https://github.com/sahici/CVE-2025-2812"
2525
},
26+
{
27+
"type": "WEB",
28+
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0099"
29+
},
2630
{
2731
"type": "WEB",
2832
"url": "https://www.usom.gov.tr/bildirim/tr-25-0099"

advisories/unreviewed/2025/05/GHSA-5m4f-q4wf-8492/GHSA-5m4f-q4wf-8492.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-5m4f-q4wf-8492",
4-
"modified": "2025-05-02T12:32:00Z",
4+
"modified": "2026-06-06T06:30:27Z",
55
"published": "2025-05-02T12:32:00Z",
66
"aliases": [
77
"CVE-2025-2488"
@@ -23,6 +23,10 @@
2323
"type": "WEB",
2424
"url": "https://sambabox.io/2025/04/14/version-5-1"
2525
},
26+
{
27+
"type": "WEB",
28+
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0101"
29+
},
2630
{
2731
"type": "WEB",
2832
"url": "https://www.usom.gov.tr/bildirim/tr-25-0101"

advisories/unreviewed/2025/05/GHSA-wwmj-wfcr-vx7r/GHSA-wwmj-wfcr-vx7r.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-wwmj-wfcr-vx7r",
4-
"modified": "2025-05-02T12:32:00Z",
4+
"modified": "2026-06-06T06:30:27Z",
55
"published": "2025-05-02T12:32:00Z",
66
"aliases": [
77
"CVE-2025-2421"
@@ -23,6 +23,10 @@
2323
"type": "WEB",
2424
"url": "https://sambabox.io/2025/04/14/version-5-1"
2525
},
26+
{
27+
"type": "WEB",
28+
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0101"
29+
},
2630
{
2731
"type": "WEB",
2832
"url": "https://www.usom.gov.tr/bildirim/tr-25-0101"

advisories/unreviewed/2025/09/GHSA-pm7h-7jrp-x78p/GHSA-pm7h-7jrp-x78p.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-pm7h-7jrp-x78p",
4-
"modified": "2025-09-03T15:30:33Z",
4+
"modified": "2026-06-06T06:30:27Z",
55
"published": "2025-09-03T15:30:33Z",
66
"aliases": [
77
"CVE-2025-2416"
@@ -19,6 +19,10 @@
1919
"type": "ADVISORY",
2020
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2416"
2121
},
22+
{
23+
"type": "WEB",
24+
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0206"
25+
},
2226
{
2327
"type": "WEB",
2428
"url": "https://www.usom.gov.tr/bildirim/tr-25-0206"

advisories/unreviewed/2025/09/GHSA-vcxw-w67f-34rf/GHSA-vcxw-w67f-34rf.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-vcxw-w67f-34rf",
4-
"modified": "2025-09-04T12:30:41Z",
4+
"modified": "2026-06-06T06:30:28Z",
55
"published": "2025-09-04T12:30:41Z",
66
"aliases": [
77
"CVE-2025-2417"
@@ -19,6 +19,10 @@
1919
"type": "ADVISORY",
2020
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2417"
2121
},
22+
{
23+
"type": "WEB",
24+
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0207"
25+
},
2226
{
2327
"type": "WEB",
2428
"url": "https://www.usom.gov.tr/bildirim/tr-25-0207"

advisories/unreviewed/2026/06/GHSA-2q8q-vfwp-hvch/GHSA-2q8q-vfwp-hvch.json

Lines changed: 11 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-2q8q-vfwp-hvch",
4-
"modified": "2026-06-05T00:31:48Z",
4+
"modified": "2026-06-06T06:30:28Z",
55
"published": "2026-06-05T00:31:48Z",
66
"aliases": [
77
"CVE-2026-11134"
88
],
99
"details": "Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -24,8 +29,10 @@
2429
}
2530
],
2631
"database_specific": {
27-
"cwe_ids": [],
28-
"severity": null,
32+
"cwe_ids": [
33+
"CWE-352"
34+
],
35+
"severity": "MODERATE",
2936
"github_reviewed": false,
3037
"github_reviewed_at": null,
3138
"nvd_published_at": "2026-06-04T23:17:19Z"

advisories/unreviewed/2026/06/GHSA-3fp8-pm45-cc3h/GHSA-3fp8-pm45-cc3h.json

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-3fp8-pm45-cc3h",
4-
"modified": "2026-06-05T00:31:48Z",
4+
"modified": "2026-06-06T06:30:28Z",
55
"published": "2026-06-05T00:31:48Z",
66
"aliases": [
77
"CVE-2026-11138"
88
],
99
"details": "Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -27,7 +32,7 @@
2732
"cwe_ids": [
2833
"CWE-457"
2934
],
30-
"severity": null,
35+
"severity": "MODERATE",
3136
"github_reviewed": false,
3237
"github_reviewed_at": null,
3338
"nvd_published_at": "2026-06-04T23:17:19Z"

advisories/unreviewed/2026/06/GHSA-3h3m-2wg7-xmc3/GHSA-3h3m-2wg7-xmc3.json

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-3h3m-2wg7-xmc3",
4-
"modified": "2026-06-05T00:31:47Z",
4+
"modified": "2026-06-06T06:30:28Z",
55
"published": "2026-06-05T00:31:47Z",
66
"aliases": [
77
"CVE-2026-11112"
88
],
99
"details": "Insufficient validation of untrusted input in Chromoting in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. (Chromium security severity: Medium)",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -27,7 +32,7 @@
2732
"cwe_ids": [
2833
"CWE-20"
2934
],
30-
"severity": null,
35+
"severity": "CRITICAL",
3136
"github_reviewed": false,
3237
"github_reviewed_at": null,
3338
"nvd_published_at": "2026-06-04T23:17:16Z"
Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,64 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3j57-m2q5-hqgp",
4+
"modified": "2026-06-06T06:30:29Z",
5+
"published": "2026-06-06T06:30:29Z",
6+
"aliases": [
7+
"CVE-2026-7565"
8+
],
9+
"details": "The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to Arbitrary File Read via Directory Traversal in all versions up to, and including, 4.1.4 via the 'import-user-file' parameter parameter. This makes it possible for authenticated attackers, with administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"
14+
}
15+
],
16+
"affected": [],
17+
"references": [
18+
{
19+
"type": "ADVISORY",
20+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7565"
21+
},
22+
{
23+
"type": "WEB",
24+
"url": "https://plugins.trac.wordpress.org/browser/learnpress-import-export/tags/4.1.1/inc/admin/providers/learnpress/class-lp-import-user-data.php#L150"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://plugins.trac.wordpress.org/browser/learnpress-import-export/tags/4.1.1/inc/admin/providers/learnpress/class-lp-import-user-data.php#L190"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://plugins.trac.wordpress.org/browser/learnpress-import-export/tags/4.1.4/inc/admin/providers/learnpress/class-lp-import-user-data.php#L150"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://plugins.trac.wordpress.org/browser/learnpress-import-export/tags/4.1.4/inc/admin/providers/learnpress/class-lp-import-user-data.php#L190"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://plugins.trac.wordpress.org/browser/learnpress-import-export/trunk/inc/admin/providers/learnpress/class-lp-import-user-data.php#L150"
41+
},
42+
{
43+
"type": "WEB",
44+
"url": "https://plugins.trac.wordpress.org/browser/learnpress-import-export/trunk/inc/admin/providers/learnpress/class-lp-import-user-data.php#L190"
45+
},
46+
{
47+
"type": "WEB",
48+
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3546889%40learnpress-import-export&new=3546889%40learnpress-import-export&sfp_email=&sfph_mail="
49+
},
50+
{
51+
"type": "WEB",
52+
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0f6d0ba7-f9e8-493b-9e6d-62f1c662e21e?source=cve"
53+
}
54+
],
55+
"database_specific": {
56+
"cwe_ids": [
57+
"CWE-22"
58+
],
59+
"severity": "MODERATE",
60+
"github_reviewed": false,
61+
"github_reviewed_at": null,
62+
"nvd_published_at": "2026-06-06T04:17:35Z"
63+
}
64+
}

advisories/unreviewed/2026/06/GHSA-3vp9-pqvg-4pp2/GHSA-3vp9-pqvg-4pp2.json

Lines changed: 11 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-3vp9-pqvg-4pp2",
4-
"modified": "2026-06-05T00:31:48Z",
4+
"modified": "2026-06-06T06:30:28Z",
55
"published": "2026-06-05T00:31:48Z",
66
"aliases": [
77
"CVE-2026-11135"
88
],
99
"details": "Insufficient policy enforcement in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)",
10-
"severity": [],
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"
14+
}
15+
],
1116
"affected": [],
1217
"references": [
1318
{
@@ -24,8 +29,10 @@
2429
}
2530
],
2631
"database_specific": {
27-
"cwe_ids": [],
28-
"severity": null,
32+
"cwe_ids": [
33+
"CWE-284"
34+
],
35+
"severity": "MODERATE",
2936
"github_reviewed": false,
3037
"github_reviewed_at": null,
3138
"nvd_published_at": "2026-06-04T23:17:19Z"

0 commit comments

Comments
 (0)