Advisory Database Sync

Author: advisory-database[bot]

advisories/unreviewed/2022/05/GHSA-38f2-9m48-4vff/GHSA-38f2-9m48-4vff.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-38f2-9m48-4vff",
-  "modified": "2022-05-24T17:47:34Z",
+  "modified": "2026-04-14T21:31:40Z",
   "published": "2022-05-24T17:47:34Z",
   "aliases": [
     "CVE-2021-27130"
   ],
   "details": "Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {

advisories/unreviewed/2026/03/GHSA-4m3q-v5m4-mc2x/GHSA-4m3q-v5m4-mc2x.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4m3q-v5m4-mc2x",
-  "modified": "2026-03-26T15:30:41Z",
+  "modified": "2026-04-14T21:31:41Z",
   "published": "2026-03-26T15:30:41Z",
   "aliases": [
     "CVE-2026-27664"
@@ -26,6 +26,10 @@
     {
       "type": "WEB",
       "url": "https://cert-portal.siemens.com/productcert/html/ssa-246443.html"
+    },
+    {
+      "type": "WEB",
+      "url": "http://seclists.org/fulldisclosure/2026/Apr/7"
     }
   ],
   "database_specific": {

advisories/unreviewed/2026/03/GHSA-j3fp-8j72-vf4g/GHSA-j3fp-8j72-vf4g.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-j3fp-8j72-vf4g",
-  "modified": "2026-03-26T15:30:41Z",
+  "modified": "2026-04-14T21:31:41Z",
   "published": "2026-03-26T15:30:41Z",
   "aliases": [
     "CVE-2026-27663"
@@ -26,6 +26,10 @@
     {
       "type": "WEB",
       "url": "https://cert-portal.siemens.com/productcert/html/ssa-246443.html"
+    },
+    {
+      "type": "WEB",
+      "url": "http://seclists.org/fulldisclosure/2026/Apr/6"
     }
   ],
   "database_specific": {

advisories/unreviewed/2026/04/GHSA-2j6r-34xw-23mj/GHSA-2j6r-34xw-23mj.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2j6r-34xw-23mj",
-  "modified": "2026-04-08T09:31:32Z",
+  "modified": "2026-04-14T21:31:42Z",
   "published": "2026-04-08T09:31:32Z",
   "aliases": [
     "CVE-2026-39544"
   ],
   "details": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themeStek LabtechCO labtechco allows PHP Local File Inclusion.This issue affects LabtechCO: from n/a through <= 8.3.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -23,7 +28,7 @@
     "cwe_ids": [
       "CWE-98"
     ],
-    "severity": null,
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2026-04-08T09:16:27Z"

advisories/unreviewed/2026/04/GHSA-33v2-523j-4qw6/GHSA-33v2-523j-4qw6.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-33v2-523j-4qw6",
+  "modified": "2026-04-14T21:31:47Z",
+  "published": "2026-04-14T21:31:47Z",
+  "aliases": [
+    "CVE-2026-34625"
+  ],
+  "details": "Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in that a victim must visit a crafted webpage.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34625"
+    },
+    {
+      "type": "WEB",
+      "url": "https://helpx.adobe.com/security/products/aem-screens/apsb26-34.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-14T19:16:38Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-446f-x529-8hw2/GHSA-446f-x529-8hw2.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-446f-x529-8hw2",
-  "modified": "2026-04-14T18:30:33Z",
+  "modified": "2026-04-14T21:31:46Z",
   "published": "2026-04-14T12:31:28Z",
   "aliases": [
     "CVE-2026-24069"
@@ -22,6 +22,10 @@
     {
       "type": "WEB",
       "url": "https://r.sec-consult.com/kiuwanlock"
+    },
+    {
+      "type": "WEB",
+      "url": "http://seclists.org/fulldisclosure/2026/Apr/5"
     }
   ],
   "database_specific": {

advisories/unreviewed/2026/04/GHSA-5jvx-5q86-rxx3/GHSA-5jvx-5q86-rxx3.json

@@ -33,7 +33,9 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
+    "cwe_ids": [
+      "CWE-125"
+    ],
     "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,

advisories/unreviewed/2026/04/GHSA-67qf-qf6p-xgv3/GHSA-67qf-qf6p-xgv3.json

@@ -30,7 +30,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-122"
+      "CWE-122",
+      "CWE-787"
     ],
     "severity": "HIGH",
     "github_reviewed": false,

advisories/unreviewed/2026/04/GHSA-7r6q-467q-xx63/GHSA-7r6q-467q-xx63.json

@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-7r6q-467q-xx63",
+  "modified": "2026-04-14T21:31:48Z",
+  "published": "2026-04-14T21:31:48Z",
+  "aliases": [
+    "CVE-2026-27313"
+  ],
+  "details": "Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27313"
+    },
+    {
+      "type": "WEB",
+      "url": "https://helpx.adobe.com/security/products/bridge/apsb26-39.html"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-122"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-04-14T20:16:34Z"
+  }
+}

advisories/unreviewed/2026/04/GHSA-826q-ppf7-8g9v/GHSA-826q-ppf7-8g9v.json

@@ -33,7 +33,9 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
+    "cwe_ids": [
+      "CWE-770"
+    ],
     "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,