Publish Advisories

GHSA-vc5p-9c2v-8jwq
GHSA-66j3-qphw-w8cc
GHSA-7hj6-h929-jq92
GHSA-9phg-gg4w-6m7h
GHSA-m6w7-6m35-32wx
GHSA-w88m-x3f4-8fp7

Author: advisory-database[bot]

advisories/unreviewed/2023/08/GHSA-vc5p-9c2v-8jwq/GHSA-vc5p-9c2v-8jwq.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-vc5p-9c2v-8jwq",
-  "modified": "2025-05-05T15:30:44Z",
+  "modified": "2025-05-20T00:30:31Z",
   "published": "2023-08-04T00:30:16Z",
   "aliases": [
     "CVE-2023-38951"
@@ -23,6 +23,14 @@
       "type": "WEB",
       "url": "https://claroty.com/team82/disclosure-dashboard/cve-2023-38951"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/omair2084/biotime-rce-8.5.5/blob/main/biotime_enum.py"
+    },
+    {
+      "type": "WEB",
+      "url": "https://krashconsulting.com/fury-of-fingers-biotime-rce"
+    },
     {
       "type": "WEB",
       "url": "https://sploitus.com/exploit?id=PACKETSTORM:177859"

advisories/unreviewed/2025/05/GHSA-66j3-qphw-w8cc/GHSA-66j3-qphw-w8cc.json

@@ -0,0 +1,60 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-66j3-qphw-w8cc",
+  "modified": "2025-05-20T00:30:32Z",
+  "published": "2025-05-20T00:30:32Z",
+  "aliases": [
+    "CVE-2025-3079"
+  ],
+  "details": "A passback vulnerability which relates to office/small office multifunction printers and laser printers.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3079"
+    },
+    {
+      "type": "WEB",
+      "url": "https://canon.jp/support/support-info/250519vulnerability-response"
+    },
+    {
+      "type": "WEB",
+      "url": "https://corporate.jp.canon/caution/160106"
+    },
+    {
+      "type": "WEB",
+      "url": "https://psirt.canon/advisory-information/cp2025-004"
+    },
+    {
+      "type": "WEB",
+      "url": "https://psirt.canon/hardening"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.canon-europe.com/support/product-security"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.usa.canon.com/about-us/to-our-customers/cp2025-004-vulnerability-mitigation-remediation-for-production-printers-office-small-office-multifunction-printers-laser-printers"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-522"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-05-20T00:15:25Z"
+  }
+}

advisories/unreviewed/2025/05/GHSA-7hj6-h929-jq92/GHSA-7hj6-h929-jq92.json

@@ -0,0 +1,40 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7hj6-h929-jq92",
+  "modified": "2025-05-20T00:30:32Z",
+  "published": "2025-05-20T00:30:32Z",
+  "aliases": [
+    "CVE-2025-4971"
+  ],
+  "details": "Broadcom Automic\nAutomation Agent Unix versions <\n24.3.0 HF4 and < 21.0.13 HF1 allow low privileged users who have execution\nrights on the agent executable to escalate their privileges.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4971"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25732"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.secuvera.de/advisories/secuvera-SA-2025-01.txt"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-426"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-05-20T00:15:25Z"
+  }
+}

advisories/unreviewed/2025/05/GHSA-9phg-gg4w-6m7h/GHSA-9phg-gg4w-6m7h.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-9phg-gg4w-6m7h",
-  "modified": "2025-05-15T21:31:27Z",
+  "modified": "2025-05-20T00:30:31Z",
   "published": "2025-05-15T21:31:27Z",
   "aliases": [
     "CVE-2023-6783"
   ],
   "details": "The WolfNet IDX for WordPress plugin through 1.19.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -21,7 +26,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-05-15T20:15:29Z"

advisories/unreviewed/2025/05/GHSA-m6w7-6m35-32wx/GHSA-m6w7-6m35-32wx.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-m6w7-6m35-32wx",
+  "modified": "2025-05-20T00:30:31Z",
+  "published": "2025-05-20T00:30:31Z",
+  "aliases": [
+    "CVE-2025-1308"
+  ],
+  "details": "A vulnerability exists in PX Backup whereby sensitive information may be logged under specific conditions.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-1308"
+    },
+    {
+      "type": "WEB",
+      "url": "https://support.purestorage.com/Pure_Security"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-116"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-05-19T22:15:20Z"
+  }
+}

advisories/unreviewed/2025/05/GHSA-w88m-x3f4-8fp7/GHSA-w88m-x3f4-8fp7.json

@@ -0,0 +1,60 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-w88m-x3f4-8fp7",
+  "modified": "2025-05-20T00:30:31Z",
+  "published": "2025-05-20T00:30:31Z",
+  "aliases": [
+    "CVE-2025-3078"
+  ],
+  "details": "A passback vulnerability which relates to production printers and office multifunction printers.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-3078"
+    },
+    {
+      "type": "WEB",
+      "url": "https://canon.jp/support/support-info/250519vulnerability-response"
+    },
+    {
+      "type": "WEB",
+      "url": "https://corporate.jp.canon/caution/160106"
+    },
+    {
+      "type": "WEB",
+      "url": "https://psirt.canon/advisory-information/cp2025-004"
+    },
+    {
+      "type": "WEB",
+      "url": "https://psirt.canon/hardening"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.canon-europe.com/support/product-security"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.usa.canon.com/about-us/to-our-customers/cp2025-004-vulnerability-mitigation-remediation-for-production-printers-office-small-office-multifunction-printers-laser-printers"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-522"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-05-20T00:15:24Z"
+  }
+}