Advisory Database Sync

Author: advisory-database[bot]

advisories/unreviewed/2022/09/GHSA-xhpr-rjf3-gg6p/GHSA-xhpr-rjf3-gg6p.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-xhpr-rjf3-gg6p",
-  "modified": "2022-09-27T00:00:18Z",
+  "modified": "2026-04-14T15:30:28Z",
   "published": "2022-09-25T00:00:27Z",
   "aliases": [
     "CVE-2022-2785"
@@ -23,6 +23,10 @@
       "type": "WEB",
       "url": "https://git.kernel.org/bpf/bpf/c/86f44fcec22c"
     },
+    {
+      "type": "WEB",
+      "url": "https://lore.kernel.org/bpf/20220816205517.682470-1-zhuyifei%40google.com/T/#t"
+    },
     {
       "type": "WEB",
       "url": "https://lore.kernel.org/bpf/20220816205517.682470-1-zhuyifei@google.com/T/#t"

advisories/unreviewed/2026/01/GHSA-c23h-wjw2-xvwf/GHSA-c23h-wjw2-xvwf.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-c23h-wjw2-xvwf",
-  "modified": "2026-01-15T18:31:32Z",
+  "modified": "2026-04-14T15:30:28Z",
   "published": "2026-01-15T18:31:32Z",
   "aliases": [
     "CVE-2025-67246"
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67246"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/CDipper/CVE-2025-67246"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/CDipper/CVE-Publication"

advisories/unreviewed/2026/01/GHSA-g6jg-q927-wwmp/GHSA-g6jg-q927-wwmp.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-g6jg-q927-wwmp",
-  "modified": "2026-01-09T18:31:36Z",
+  "modified": "2026-04-14T15:30:28Z",
   "published": "2026-01-09T18:31:36Z",
   "aliases": [
     "CVE-2025-67133"
@@ -23,6 +23,10 @@
       "type": "WEB",
       "url": "https://threadpoolx.gitbook.io/docs/cve/cve-2025-67133-denial-of-service-via-unauthenticated-ble-connection"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.vidaworld.com"
+    },
     {
       "type": "WEB",
       "url": "http://hero.com"

advisories/unreviewed/2026/02/GHSA-5h67-qfvj-ggxp/GHSA-5h67-qfvj-ggxp.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-5h67-qfvj-ggxp",
-  "modified": "2026-02-03T03:30:27Z",
+  "modified": "2026-04-14T15:30:28Z",
   "published": "2026-02-03T03:30:27Z",
   "aliases": [
     "CVE-2025-67476"
   ],
   "details": "Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Import/ImportableOldRevisionImporter.Php.\n\nThis issue affects MediaWiki: from * before 1.44.3, 1.45.1.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/02/GHSA-5rc9-qhhx-3j46/GHSA-5rc9-qhhx-3j46.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-5rc9-qhhx-3j46",
-  "modified": "2026-02-03T00:30:18Z",
+  "modified": "2026-04-14T15:30:28Z",
   "published": "2026-02-03T00:30:18Z",
   "aliases": [
     "CVE-2026-0924"
   ],
   "details": "BuhoCleaner contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions.This issue affects BuhoCleaner: 1.15.2.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
@@ -34,7 +38,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-362"
+      "CWE-362",
+      "CWE-367"
     ],
     "severity": "HIGH",
     "github_reviewed": false,

advisories/unreviewed/2026/02/GHSA-fq4p-ghcx-qxxg/GHSA-fq4p-ghcx-qxxg.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-fq4p-ghcx-qxxg",
-  "modified": "2026-02-03T03:30:27Z",
+  "modified": "2026-04-14T15:30:28Z",
   "published": "2026-02-03T03:30:27Z",
   "aliases": [
     "CVE-2025-67484"
   ],
   "details": "Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php.\n\nThis issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/02/GHSA-hx5c-rhqh-cc74/GHSA-hx5c-rhqh-cc74.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-hx5c-rhqh-cc74",
-  "modified": "2026-02-03T03:30:27Z",
+  "modified": "2026-04-14T15:30:28Z",
   "published": "2026-02-03T03:30:27Z",
   "aliases": [
     "CVE-2025-61658"
   ],
   "details": "Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/GlobalContributions/GlobalContributionsPager.Php.\n\nThis issue affects CheckUser: from * before 1.43.4, 1.44.1.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/02/GHSA-rg4c-x95m-9m4f/GHSA-rg4c-x95m-9m4f.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-rg4c-x95m-9m4f",
-  "modified": "2026-02-03T03:30:27Z",
+  "modified": "2026-04-14T15:30:28Z",
   "published": "2026-02-03T03:30:27Z",
   "aliases": [
     "CVE-2025-67478"
   ],
   "details": "Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files includes/Mail/UserMailer.Php.\n\nThis issue affects CheckUser: from * before 1.39.14, 1.43.4, 1.44.1.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/02/GHSA-wp7p-gm96-p2h8/GHSA-wp7p-gm96-p2h8.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-wp7p-gm96-p2h8",
-  "modified": "2026-02-03T03:30:27Z",
+  "modified": "2026-04-14T15:30:28Z",
   "published": "2026-02-03T03:30:27Z",
   "aliases": [
     "CVE-2025-67480"
   ],
   "details": "Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiQueryRevisionsBase.Php.\n\nThis issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2026/03/GHSA-2f6v-45w8-wr99/GHSA-2f6v-45w8-wr99.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2f6v-45w8-wr99",
-  "modified": "2026-03-20T18:31:19Z",
+  "modified": "2026-04-14T15:30:28Z",
   "published": "2026-03-20T18:31:19Z",
   "aliases": [
     "CVE-2026-22898"
   ],
   "details": "A missing authentication for critical function vulnerability has been reported to affect QVR Pro. The remote attackers can then exploit the vulnerability to gain access to the system.\n\nWe have already fixed the vulnerability in the following version:\nQVR Pro 2.7.4.14 and later",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"