Skip to content

Commit 2fb01aa

Browse files
github-actions[bot]github-actions[bot]
committed
NVD Sync 2025-12-22 08:03
1 parent 9ea1599 commit 2fb01aa

File tree

7 files changed

+8
-6
lines changed

7 files changed

+8
-6
lines changed

cve/2025/CVE-2025-11544.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
{"cve": {"id": "CVE-2025-11544", "sourceIdentifier": "[email protected]", "published": "2025-12-22T06:15:50.767", "lastModified": "2025-12-22T06:15:50.767", "vulnStatus": "Received", "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows a attacker may create and run unauthorized firmware."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 9.5, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-912"}]}], "references": [{"url": "https://sharp-displays.jp.sharp/global/support/info/PJ-CVE-2025-11544.html", "source": "[email protected]"}]}}

cve/2025/CVE-2025-11545.json

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
{"cve": {"id": "CVE-2025-11545", "sourceIdentifier": "[email protected]", "published": "2025-12-22T06:15:50.953", "lastModified": "2025-12-22T06:15:50.953", "vulnStatus": "Received", "cveTags": [], "descriptions": [{"lang": "en", "value": "Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sharp Display Solutions projectors allows a attacker may improperly access the HTTP server and execute arbitrary actions."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 9.5, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "subAvailabilityImpact": "HIGH", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-497"}]}], "references": [{"url": "https://sharp-displays.jp.sharp/global/support/info/PJ-CVE-2025-11545.html", "source": "[email protected]"}]}}

cve/2025/CVE-2025-13502.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
{"cve": {"id": "CVE-2025-13502", "sourceIdentifier": "[email protected]", "published": "2025-11-25T08:15:51.917", "lastModified": "2025-12-18T12:16:08.117", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash (DoS) via a crafted payload to the GLib remote inspector server."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-190"}]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:22789", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:22790", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23110", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23433", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23434", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23451", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23452", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23583", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23591", "source": "[email protected]"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-13502", "source": "[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416300", "source": "[email protected]"}]}}
1+
{"cve": {"id": "CVE-2025-13502", "sourceIdentifier": "[email protected]", "published": "2025-11-25T08:15:51.917", "lastModified": "2025-12-22T07:16:06.120", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash (DoS) via a crafted payload to the GLib remote inspector server."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-190"}]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:22789", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:22790", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23110", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23433", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23434", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23451", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23452", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23583", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23591", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23742", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23743", "source": "[email protected]"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-13502", "source": "[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416300", "source": "[email protected]"}]}}

cve/2025/CVE-2025-13609.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
{"cve": {"id": "CVE-2025-13609", "sourceIdentifier": "[email protected]", "published": "2025-11-24T18:15:49.830", "lastModified": "2025-12-18T11:15:45.500", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L", "baseScore": 8.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.3, "impactScore": 5.3}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-694"}]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:23201", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23210", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23628", "source": "[email protected]"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-13609", "source": "[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416761", "source": "[email protected]"}]}}
1+
{"cve": {"id": "CVE-2025-13609", "sourceIdentifier": "[email protected]", "published": "2025-11-24T18:15:49.830", "lastModified": "2025-12-22T07:16:06.983", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in keylime where an attacker can exploit this flaw by registering a new agent using a different Trusted Platform Module (TPM) device but claiming an existing agent's unique identifier (UUID). This action overwrites the legitimate agent's identity, enabling the attacker to impersonate the compromised agent and potentially bypass security controls."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L", "baseScore": 8.2, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.3, "impactScore": 5.3}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-694"}]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:23201", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23210", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23628", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23735", "source": "[email protected]"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-13609", "source": "[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2416761", "source": "[email protected]"}]}}

cve/2025/CVE-2025-13947.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
{"cve": {"id": "CVE-2025-13947", "sourceIdentifier": "[email protected]", "published": "2025-12-03T10:15:47.710", "lastModified": "2025-12-18T12:16:08.233", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "baseScore": 7.4, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 4.0}]}, "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:22789", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:22790", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23110", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23433", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23434", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23451", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23452", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23583", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23591", "source": "[email protected]"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-13947", "source": "[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418576", "source": "[email protected]"}]}}
1+
{"cve": {"id": "CVE-2025-13947", "sourceIdentifier": "[email protected]", "published": "2025-12-03T10:15:47.710", "lastModified": "2025-12-22T07:16:07.130", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in WebKitGTK. This vulnerability allows remote, user-assisted information disclosure that can reveal any file the user is permitted to read via abusing the file drag-and-drop mechanism where WebKitGTK does not verify that drag operations originate from outside the browser."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "baseScore": 7.4, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.8, "impactScore": 4.0}]}, "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:22789", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:22790", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23110", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23433", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23434", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23451", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23452", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23583", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23591", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23742", "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2025:23743", "source": "[email protected]"}, {"url": "https://access.redhat.com/security/cve/CVE-2025-13947", "source": "[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418576", "source": "[email protected]"}]}}

0 commit comments

Comments
 (0)