Skip to content

Commit 5a03631

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-265r-hfxg-fhmg GHSA-4rxj-726p-wq74 GHSA-7f63-jgvw-vgjq GHSA-mp7h-693f-hwvj GHSA-qx2c-cjfg-57c3 GHSA-xfhf-5q2m-cx8p
1 parent 41aa9be commit 5a03631

File tree

6 files changed

+265
-1
lines changed

6 files changed

+265
-1
lines changed

advisories/github-reviewed/2025/03/GHSA-265r-hfxg-fhmg/GHSA-265r-hfxg-fhmg.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-265r-hfxg-fhmg",
4-
"modified": "2025-03-19T14:59:04Z",
4+
"modified": "2025-05-05T00:30:19Z",
55
"published": "2025-03-17T21:24:42Z",
66
"aliases": [
77
"CVE-2024-40635"
@@ -97,6 +97,10 @@
9797
{
9898
"type": "PACKAGE",
9999
"url": "https://github.com/containerd/containerd"
100+
},
101+
{
102+
"type": "WEB",
103+
"url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00005.html"
100104
}
101105
],
102106
"database_specific": {

advisories/unreviewed/2025/05/GHSA-4rxj-726p-wq74/GHSA-4rxj-726p-wq74.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-4rxj-726p-wq74",
4+
"modified": "2025-05-05T00:30:19Z",
5+
"published": "2025-05-05T00:30:19Z",
6+
"aliases": [
7+
"CVE-2025-4252"
8+
],
9+
"details": "A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as critical. Affected is an unknown function of the component APPEND Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4252"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://fitoxs.com/exploit/exploit-65b1721b02d84e0c79b6cd3c2473d3ed9c441087d702bd3a76b82fc2ae04388b.txt"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://vuldb.com/?ctiid.307356"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/?id.307356"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/?submit.561606"
41+
}
42+
],
43+
"database_specific": {
44+
"cwe_ids": [
45+
"CWE-119"
46+
],
47+
"severity": "MODERATE",
48+
"github_reviewed": false,
49+
"github_reviewed_at": null,
50+
"nvd_published_at": "2025-05-04T23:15:45Z"
51+
}
52+
}

advisories/unreviewed/2025/05/GHSA-7f63-jgvw-vgjq/GHSA-7f63-jgvw-vgjq.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-7f63-jgvw-vgjq",
4+
"modified": "2025-05-05T00:30:19Z",
5+
"published": "2025-05-05T00:30:19Z",
6+
"aliases": [
7+
"CVE-2025-4255"
8+
],
9+
"details": "A vulnerability classified as critical has been found in PCMan FTP Server 2.0.7. This affects an unknown part of the component RMD Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4255"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://fitoxs.com/exploit/exploit-52a33c7f018ae348f748582eae6aa7d38b2b5f1f3dc5d3b6793772e1f8223eb0.txt"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://vuldb.com/?ctiid.307359"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/?id.307359"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/?submit.561623"
41+
}
42+
],
43+
"database_specific": {
44+
"cwe_ids": [
45+
"CWE-119"
46+
],
47+
"severity": "MODERATE",
48+
"github_reviewed": false,
49+
"github_reviewed_at": null,
50+
"nvd_published_at": "2025-05-05T00:15:15Z"
51+
}
52+
}

advisories/unreviewed/2025/05/GHSA-mp7h-693f-hwvj/GHSA-mp7h-693f-hwvj.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-mp7h-693f-hwvj",
4+
"modified": "2025-05-05T00:30:19Z",
5+
"published": "2025-05-05T00:30:19Z",
6+
"aliases": [
7+
"CVE-2025-4254"
8+
],
9+
"details": "A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component LIST Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4254"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://fitoxs.com/exploit/exploit-e4fd898014889301fef4607c9a2641c3db234bb5a057a22952bfb70e70b4c279.txt"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://vuldb.com/?ctiid.307358"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/?id.307358"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/?submit.561611"
41+
}
42+
],
43+
"database_specific": {
44+
"cwe_ids": [
45+
"CWE-119"
46+
],
47+
"severity": "MODERATE",
48+
"github_reviewed": false,
49+
"github_reviewed_at": null,
50+
"nvd_published_at": "2025-05-05T00:15:14Z"
51+
}
52+
}

advisories/unreviewed/2025/05/GHSA-qx2c-cjfg-57c3/GHSA-qx2c-cjfg-57c3.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-qx2c-cjfg-57c3",
4+
"modified": "2025-05-05T00:30:19Z",
5+
"published": "2025-05-05T00:30:19Z",
6+
"aliases": [
7+
"CVE-2025-4251"
8+
],
9+
"details": "A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. This issue affects some unknown processing of the component RMDIR Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4251"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://fitoxs.com/exploit/exploit-a10ec24750e57a60258d3b176f899b0246b544785f86e8a1cb58c8b275a2fdee.txt"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://vuldb.com/?ctiid.307355"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/?id.307355"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/?submit.561597"
41+
}
42+
],
43+
"database_specific": {
44+
"cwe_ids": [
45+
"CWE-119"
46+
],
47+
"severity": "MODERATE",
48+
"github_reviewed": false,
49+
"github_reviewed_at": null,
50+
"nvd_published_at": "2025-05-04T22:15:32Z"
51+
}
52+
}

advisories/unreviewed/2025/05/GHSA-xfhf-5q2m-cx8p/GHSA-xfhf-5q2m-cx8p.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-xfhf-5q2m-cx8p",
4+
"modified": "2025-05-05T00:30:19Z",
5+
"published": "2025-05-05T00:30:19Z",
6+
"aliases": [
7+
"CVE-2025-4253"
8+
],
9+
"details": "A vulnerability was found in PCMan FTP Server 2.0.7. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component HASH Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4253"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://fitoxs.com/exploit/exploit-6a5b279ed51b35667909c1b56d4d85d71d41bc6e73d4fbbf3de2b1f59ebd6d08.txt"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://vuldb.com/?ctiid.307357"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/?id.307357"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/?submit.561609"
41+
}
42+
],
43+
"database_specific": {
44+
"cwe_ids": [
45+
"CWE-119"
46+
],
47+
"severity": "MODERATE",
48+
"github_reviewed": false,
49+
"github_reviewed_at": null,
50+
"nvd_published_at": "2025-05-04T23:15:46Z"
51+
}
52+
}

0 commit comments

Comments
 (0)