Advisory Database Sync

Author: advisory-database[bot]

advisories/unreviewed/2024/03/GHSA-cxqp-32c8-ch8c/GHSA-cxqp-32c8-ch8c.json

@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-cxqp-32c8-ch8c",
-  "modified": "2024-03-20T15:32:57Z",
+  "modified": "2025-05-13T00:31:10Z",
   "published": "2024-03-20T15:32:57Z",
   "aliases": [
     "CVE-2024-2721"
   ],
-  "details": "Deserialization of Untrusted Data vulnerability in Social Media Share Buttons By Sygnoos Social Media Share Buttons.This issue affects Social Media Share Buttons: from n/a through 2.1.0.\n\n",
+  "details": "Deserialization of Untrusted Data vulnerability in Social Media Share Buttons By Sygnoos Social Media Share Buttons.This issue affects Social Media Share Buttons: from n/a through 2.1.0.",
   "severity": [
     {
       "type": "CVSS_V3",

advisories/unreviewed/2024/03/GHSA-r5xr-mfqp-qmrq/GHSA-r5xr-mfqp-qmrq.json

@@ -25,7 +25,9 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
+    "cwe_ids": [
+      "CWE-79"
+    ],
     "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,

advisories/unreviewed/2025/05/GHSA-27f3-wjfj-399m/GHSA-27f3-wjfj-399m.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-27f3-wjfj-399m",
-  "modified": "2025-05-12T18:31:46Z",
+  "modified": "2025-05-13T00:31:12Z",
   "published": "2025-05-12T18:31:46Z",
   "aliases": [
     "CVE-2025-45779"
   ],
   "details": "Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the formSetPPTPUserList handler via the list POST parameter.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -24,8 +29,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-120"
+    ],
+    "severity": "CRITICAL",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-05-12T17:15:47Z"

advisories/unreviewed/2025/05/GHSA-289j-qjv7-62fr/GHSA-289j-qjv7-62fr.json

@@ -0,0 +1,49 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-289j-qjv7-62fr",
+  "modified": "2025-05-13T00:31:15Z",
+  "published": "2025-05-13T00:31:15Z",
+  "aliases": [
+    "CVE-2025-31257"
+  ],
+  "details": "This issue was addressed with improved memory handling. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected Safari crash.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31257"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122404"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122716"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122719"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122720"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122721"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122722"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-05-12T22:15:25Z"
+  }
+}

advisories/unreviewed/2025/05/GHSA-2fgw-qh65-pxv5/GHSA-2fgw-qh65-pxv5.json

@@ -0,0 +1,37 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2fgw-qh65-pxv5",
+  "modified": "2025-05-13T00:31:13Z",
+  "published": "2025-05-13T00:31:13Z",
+  "aliases": [
+    "CVE-2025-30442"
+  ],
+  "details": "The issue was addressed with improved input sanitization. This issue is fixed in macOS Sequoia 15.4, macOS Ventura 13.7.6, macOS Sonoma 14.7.6. An app may be able to gain elevated privileges.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30442"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122373"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122717"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122718"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-05-12T22:15:21Z"
+  }
+}

advisories/unreviewed/2025/05/GHSA-2xqw-mg48-p4j5/GHSA-2xqw-mg48-p4j5.json

@@ -0,0 +1,37 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2xqw-mg48-p4j5",
+  "modified": "2025-05-13T00:31:14Z",
+  "published": "2025-05-13T00:31:14Z",
+  "aliases": [
+    "CVE-2025-31232"
+  ],
+  "details": "A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. A sandboxed app may be able to access sensitive user data.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31232"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122716"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122717"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122718"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-05-12T22:15:23Z"
+  }
+}

advisories/unreviewed/2025/05/GHSA-3jpv-h4fh-v8h9/GHSA-3jpv-h4fh-v8h9.json

@@ -0,0 +1,53 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3jpv-h4fh-v8h9",
+  "modified": "2025-05-13T00:31:14Z",
+  "published": "2025-05-13T00:31:14Z",
+  "aliases": [
+    "CVE-2025-31215"
+  ],
+  "details": "The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to an unexpected process crash.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31215"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122404"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122405"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122716"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122719"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122720"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122721"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122722"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-05-12T22:15:22Z"
+  }
+}

advisories/unreviewed/2025/05/GHSA-422f-7vrg-37qx/GHSA-422f-7vrg-37qx.json

@@ -0,0 +1,49 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-422f-7vrg-37qx",
+  "modified": "2025-05-13T00:31:13Z",
+  "published": "2025-05-13T00:31:13Z",
+  "aliases": [
+    "CVE-2025-30448"
+  ],
+  "details": "This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.7.6, iPadOS 17.7.7, iOS 18.5 and iPadOS 18.5, visionOS 2.5, macOS Ventura 13.7.6, macOS Sequoia 15.4. An attacker may be able to turn on sharing of an iCloud folder without authentication.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30448"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122373"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122404"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122405"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122717"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122718"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122721"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-05-12T22:15:21Z"
+  }
+}

advisories/unreviewed/2025/05/GHSA-53gq-27mh-rqhg/GHSA-53gq-27mh-rqhg.json

@@ -0,0 +1,53 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-53gq-27mh-rqhg",
+  "modified": "2025-05-13T00:31:14Z",
+  "published": "2025-05-13T00:31:14Z",
+  "aliases": [
+    "CVE-2025-31222"
+  ],
+  "details": "A correctness issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma 14.7.6, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, macOS Ventura 13.7.6. A user may be able to elevate privileges.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31222"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122404"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122716"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122717"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122718"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122720"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122721"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122722"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-05-12T22:15:22Z"
+  }
+}

advisories/unreviewed/2025/05/GHSA-53jv-fmw5-42vr/GHSA-53jv-fmw5-42vr.json

@@ -0,0 +1,29 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-53jv-fmw5-42vr",
+  "modified": "2025-05-13T00:31:15Z",
+  "published": "2025-05-13T00:31:15Z",
+  "aliases": [
+    "CVE-2025-31250"
+  ],
+  "details": "An information disclosure issue was addressed with improved privacy controls. This issue is fixed in macOS Sequoia 15.5. An app may be able to access sensitive user data.",
+  "severity": [],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31250"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.apple.com/en-us/122716"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [],
+    "severity": null,
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-05-12T22:15:25Z"
+  }
+}