Publish Advisories

GHSA-j32g-85qg-wf4w
GHSA-22fc-mghg-jrwm
GHSA-446c-49cw-x44x
GHSA-577h-p2hh-v4mv
GHSA-774c-v4cw-x9m5
GHSA-gcrg-j5vc-rhvg
GHSA-h3cv-38g8-cpvm
GHSA-m566-cfc2-crhm
GHSA-m8r3-279x-ff46
GHSA-p28c-vhgj-66r6
GHSA-p894-35j8-6q2p
GHSA-pf6g-7xf6-4cr6
GHSA-ppcv-w2rm-62gc
GHSA-q2pm-pcpj-8r24
GHSA-qc7q-v2q6-f3p2
GHSA-qwww-q2vq-c559
GHSA-w3x2-cp2p-mfrh
GHSA-x759-3r22-jq22

Author: advisory-database[bot]

advisories/unreviewed/2024/03/GHSA-j32g-85qg-wf4w/GHSA-j32g-85qg-wf4w.json

@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-j32g-85qg-wf4w",
-  "modified": "2024-03-08T18:30:28Z",
+  "modified": "2025-12-06T00:31:33Z",
   "published": "2024-03-08T18:30:28Z",
   "aliases": [
     "CVE-2023-32969"
   ],
-  "details": "A cross-site scripting (XSS) vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQuTScloud c5.1.5.2651 and later\nQTS 5.1.4.2596 build 20231128 and later\nQuTS hero h5.1.4.2596 build 20231128 and later\n",
+  "details": "A cross-site scripting (XSS) vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQuTScloud c5.1.5.2651 and later\nQTS 5.1.4.2596 build 20231128 and later\nQuTS hero h5.1.4.2596 build 20231128 and later",
   "severity": [
     {
       "type": "CVSS_V3",

advisories/unreviewed/2024/04/GHSA-22fc-mghg-jrwm/GHSA-22fc-mghg-jrwm.json

@@ -1,12 +1,12 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-22fc-mghg-jrwm",
-  "modified": "2024-04-26T15:30:33Z",
+  "modified": "2025-12-06T00:31:33Z",
   "published": "2024-04-26T15:30:33Z",
   "aliases": [
     "CVE-2024-21905"
   ],
-  "details": "An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.3.2578 build 20231110 and later\nQuTS hero h5.1.3.2578 build 20231110 and later\nQuTScloud c5.1.5.2651 and later\n",
+  "details": "An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to compromise the security of the system via a network.\n\nWe have already fixed the vulnerability in the following versions:\nQTS 5.1.3.2578 build 20231110 and later\nQuTS hero h5.1.3.2578 build 20231110 and later\nQuTScloud c5.1.5.2651 and later",
   "severity": [
     {
       "type": "CVSS_V3",

advisories/unreviewed/2025/12/GHSA-446c-49cw-x44x/GHSA-446c-49cw-x44x.json

@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-446c-49cw-x44x",
+  "modified": "2025-12-06T00:31:36Z",
+  "published": "2025-12-06T00:31:36Z",
+  "aliases": [
+    "CVE-2025-14111"
+  ],
+  "details": "A security vulnerability has been detected in Rarlab RAR App up to 7.11 Build 127 on Android. This affects an unknown part of the component com.rarlab.rar. Such manipulation leads to path traversal. It is possible to launch the attack remotely. Attacks of this nature are highly complex. It is indicated that the exploitability is difficult. The exploit has been disclosed publicly and may be used. Upgrading to version 7.20 build 128 is able to mitigate this issue. You should upgrade the affected component. The vendor responded very professional: \"This is the real vulnerability affecting RAR for Android only. WinRAR and Unix RAR versions are not affected. We already fixed it in RAR for Android 7.20 build 128 and we publicly mentioned it in that version changelog. (...) To avoid confusion among users, it would be useful if such disclosure emphasizes that it is RAR for Android only issue and WinRAR isn't affected.\"",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14111"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/Secsys-FDU/AF_CVEs/blob/main/com.rarlab.rar/RAR%20APP%20Arbitrary%20File%20Write%20and%20Read%20Vulnerability.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.334491"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.334491"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.697375"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-22"
+    ],
+    "severity": "LOW",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-05T23:15:46Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-577h-p2hh-v4mv/GHSA-577h-p2hh-v4mv.json

@@ -0,0 +1,44 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-577h-p2hh-v4mv",
+  "modified": "2025-12-06T00:31:36Z",
+  "published": "2025-12-06T00:31:36Z",
+  "aliases": [
+    "CVE-2025-34291"
+  ],
+  "details": "Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables account takeover and remote code execution. An overly permissive CORS configuration (allow_origins='*' with allow_credentials=True) combined with a refresh token cookie configured as SameSite=None allows a malicious webpage to perform cross-origin requests that include credentials and successfully call the refresh endpoint. An attacker-controlled origin can therefore obtain fresh access_token / refresh_token pairs for a victim session. Obtained tokens permit access to authenticated endpoints — including built-in code-execution functionality — allowing the attacker to execute arbitrary code and achieve full system compromise.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-34291"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/langflow-ai/langflow"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.obsidiansecurity.com/blog/cve-2025-34291-critical-account-takeover-and-rce-vulnerability-in-the-langflow-ai-agent-workflow-platform"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vulncheck.com/advisories/langflow-cors-misconfiguration-to-token-hijack-and-rce"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-346"
+    ],
+    "severity": "CRITICAL",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-05T23:15:47Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-774c-v4cw-x9m5/GHSA-774c-v4cw-x9m5.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-774c-v4cw-x9m5",
-  "modified": "2025-12-04T18:30:54Z",
+  "modified": "2025-12-06T00:31:35Z",
   "published": "2025-12-04T18:30:54Z",
   "aliases": [
     "CVE-2025-63363"
   ],
   "details": "A lack of Management Frame Protection in Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 allows attackers to execute de-authentication attacks, allowing crafted deauthentication and disassociation frames to be broadcast without authentication or encryption.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -24,8 +29,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-284"
+    ],
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-12-04T18:15:51Z"

advisories/unreviewed/2025/12/GHSA-gcrg-j5vc-rhvg/GHSA-gcrg-j5vc-rhvg.json

@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-gcrg-j5vc-rhvg",
+  "modified": "2025-12-06T00:31:36Z",
+  "published": "2025-12-06T00:31:35Z",
+  "aliases": [
+    "CVE-2025-14106"
+  ],
+  "details": "A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2_api.CloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. The manipulation of the argument safe_dir leads to command injection. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14106"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.334488"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.334488"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.697141"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.notion.so/2af6cf4e528a80bab847dcc1fb677590"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-74"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-05T22:15:48Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-h3cv-38g8-cpvm/GHSA-h3cv-38g8-cpvm.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-h3cv-38g8-cpvm",
-  "modified": "2025-12-04T18:30:53Z",
+  "modified": "2025-12-06T00:31:35Z",
   "published": "2025-12-04T18:30:53Z",
   "aliases": [
     "CVE-2025-57210"
   ],
   "details": "Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers to access sensitive information via unspecified vectors.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -24,8 +29,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-284"
+    ],
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-12-04T16:16:21Z"

advisories/unreviewed/2025/12/GHSA-m566-cfc2-crhm/GHSA-m566-cfc2-crhm.json

@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-m566-cfc2-crhm",
+  "modified": "2025-12-06T00:31:36Z",
+  "published": "2025-12-06T00:31:36Z",
+  "aliases": [
+    "CVE-2025-14107"
+  ],
+  "details": "A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerability is the function zfilev2_api.SafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation of the argument safe_dir results in command injection. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14107"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.334489"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.334489"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.697143"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.notion.so/2af6cf4e528a8001935bcdd9e77f1ebc"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-74"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-05T22:15:49Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-m8r3-279x-ff46/GHSA-m8r3-279x-ff46.json

@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-m8r3-279x-ff46",
+  "modified": "2025-12-06T00:31:36Z",
+  "published": "2025-12-06T00:31:36Z",
+  "aliases": [
+    "CVE-2025-14108"
+  ],
+  "details": "A weakness has been identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this issue is the function zfilev2_api.OpenSafe of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation of the argument safe_dir causes command injection. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14108"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.334490"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.334490"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.697144"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.notion.so/2af6cf4e528a80258f60fa529c48d291"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-74"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2025-12-05T22:15:49Z"
+  }
+}

advisories/unreviewed/2025/12/GHSA-p28c-vhgj-66r6/GHSA-p28c-vhgj-66r6.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-p28c-vhgj-66r6",
-  "modified": "2025-12-03T18:30:25Z",
+  "modified": "2025-12-06T00:31:35Z",
   "published": "2025-12-03T18:30:25Z",
   "aliases": [
     "CVE-2025-13492"
   ],
   "details": "A potential security vulnerability has been identified in HP Image Assistant for versions prior to 5.3.3. The vulnerability\n               could potentially allow a local attacker to escalate privileges via a race condition when installing packages.",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"