Skip to content

Commit 20aef23

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-2x95-qpv9-c883 GHSA-37ww-cvhx-x8p9 GHSA-3qcm-pj6q-w4c5 GHSA-8w9h-w7wc-gcm4 GHSA-9gpg-5wc9-g6h7 GHSA-c84p-gr27-9c8h GHSA-g8w3-f2ww-wpcc GHSA-gwr9-q5w7-g798 GHSA-jj4j-g7fm-jrc5 GHSA-vj4g-qpp7-2f4f
1 parent 6802203 commit 20aef23

File tree

10 files changed

+124
-8
lines changed

10 files changed

+124
-8
lines changed

advisories/unreviewed/2026/04/GHSA-2x95-qpv9-c883/GHSA-2x95-qpv9-c883.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-2x95-qpv9-c883",
4-
"modified": "2026-04-04T15:30:20Z",
4+
"modified": "2026-04-04T21:30:26Z",
55
"published": "2026-04-04T15:30:20Z",
66
"aliases": [
77
"CVE-2018-25241"
@@ -34,6 +34,10 @@
3434
{
3535
"type": "WEB",
3636
"url": "https://www.vulncheck.com/advisories/microsoft-vpn-browser-denial-of-service"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://www.vulncheck.com/advisories/vpn-browser-denial-of-service"
3741
}
3842
],
3943
"database_specific": {

advisories/unreviewed/2026/04/GHSA-37ww-cvhx-x8p9/GHSA-37ww-cvhx-x8p9.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-37ww-cvhx-x8p9",
4-
"modified": "2026-04-04T15:30:20Z",
4+
"modified": "2026-04-04T21:30:26Z",
55
"published": "2026-04-04T15:30:20Z",
66
"aliases": [
77
"CVE-2018-25240"
@@ -34,6 +34,10 @@
3434
{
3535
"type": "WEB",
3636
"url": "https://www.vulncheck.com/advisories/microsoft-watchr-denial-of-service-via-search"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://www.vulncheck.com/advisories/watchr-denial-of-service-via-search"
3741
}
3842
],
3943
"database_specific": {

advisories/unreviewed/2026/04/GHSA-3qcm-pj6q-w4c5/GHSA-3qcm-pj6q-w4c5.json

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3qcm-pj6q-w4c5",
4+
"modified": "2026-04-04T21:30:27Z",
5+
"published": "2026-04-04T21:30:27Z",
6+
"aliases": [
7+
"CVE-2016-20054"
8+
],
9+
"details": "Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administrators into submitting requests to admin/user_manipulate and admin/settings/generall endpoints to create users or modify application settings without explicit consent.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-20054"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://www.exploit-db.com/exploits/40707"
29+
}
30+
],
31+
"database_specific": {
32+
"cwe_ids": [
33+
"CWE-79"
34+
],
35+
"severity": "MODERATE",
36+
"github_reviewed": false,
37+
"github_reviewed_at": null,
38+
"nvd_published_at": "2026-04-04T20:16:15Z"
39+
}
40+
}

advisories/unreviewed/2026/04/GHSA-8w9h-w7wc-gcm4/GHSA-8w9h-w7wc-gcm4.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-8w9h-w7wc-gcm4",
4-
"modified": "2026-04-04T15:30:20Z",
4+
"modified": "2026-04-04T21:30:27Z",
55
"published": "2026-04-04T15:30:20Z",
66
"aliases": [
77
"CVE-2018-25244"
@@ -31,6 +31,10 @@
3131
"type": "WEB",
3232
"url": "https://www.microsoft.com/store/productId/9N05DCQP5C3W"
3333
},
34+
{
35+
"type": "WEB",
36+
"url": "https://www.vulncheck.com/advisories/eco-search-denial-of-service"
37+
},
3438
{
3539
"type": "WEB",
3640
"url": "https://www.vulncheck.com/advisories/microsoft-eco-search-denial-of-service"

advisories/unreviewed/2026/04/GHSA-9gpg-5wc9-g6h7/GHSA-9gpg-5wc9-g6h7.json

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,44 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-9gpg-5wc9-g6h7",
4+
"modified": "2026-04-04T21:30:27Z",
5+
"published": "2026-04-04T21:30:27Z",
6+
"aliases": [
7+
"CVE-2018-25246"
8+
],
9+
"details": "Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can paste a large buffer of repeated characters into the search bar to trigger an application crash.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-25246"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://www.exploit-db.com/exploits/45324"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://www.microsoft.com/en-us/p/wikipedia/9wzdncrfhwm4?activetab=pivot%3aoverviewtab"
33+
}
34+
],
35+
"database_specific": {
36+
"cwe_ids": [
37+
"CWE-306"
38+
],
39+
"severity": "HIGH",
40+
"github_reviewed": false,
41+
"github_reviewed_at": null,
42+
"nvd_published_at": "2026-04-04T20:16:18Z"
43+
}
44+
}

advisories/unreviewed/2026/04/GHSA-c84p-gr27-9c8h/GHSA-c84p-gr27-9c8h.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-c84p-gr27-9c8h",
4-
"modified": "2026-04-04T15:30:20Z",
4+
"modified": "2026-04-04T21:30:26Z",
55
"published": "2026-04-04T15:30:20Z",
66
"aliases": [
77
"CVE-2018-25242"
@@ -34,6 +34,10 @@
3434
{
3535
"type": "WEB",
3636
"url": "https://www.vulncheck.com/advisories/microsoft-one-search-denial-of-service"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://www.vulncheck.com/advisories/one-search-denial-of-service"
3741
}
3842
],
3943
"database_specific": {

advisories/unreviewed/2026/04/GHSA-g8w3-f2ww-wpcc/GHSA-g8w3-f2ww-wpcc.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-g8w3-f2ww-wpcc",
4-
"modified": "2026-04-04T15:30:20Z",
4+
"modified": "2026-04-04T21:30:26Z",
55
"published": "2026-04-04T15:30:20Z",
66
"aliases": [
77
"CVE-2018-25238"
@@ -34,6 +34,10 @@
3434
{
3535
"type": "WEB",
3636
"url": "https://www.vulncheck.com/advisories/microsoft-vsco-denial-of-service-via-search"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://www.vulncheck.com/advisories/vsco-denial-of-service-via-search"
3741
}
3842
],
3943
"database_specific": {

advisories/unreviewed/2026/04/GHSA-gwr9-q5w7-g798/GHSA-gwr9-q5w7-g798.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-gwr9-q5w7-g798",
4-
"modified": "2026-04-04T15:30:20Z",
4+
"modified": "2026-04-04T21:30:26Z",
55
"published": "2026-04-04T15:30:20Z",
66
"aliases": [
77
"CVE-2018-25239"
@@ -34,6 +34,10 @@
3434
{
3535
"type": "WEB",
3636
"url": "https://www.vulncheck.com/advisories/microsoft-smart-vpn-denial-of-service-via-search"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://www.vulncheck.com/advisories/smart-vpn-denial-of-service-via-search"
3741
}
3842
],
3943
"database_specific": {

advisories/unreviewed/2026/04/GHSA-jj4j-g7fm-jrc5/GHSA-jj4j-g7fm-jrc5.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-jj4j-g7fm-jrc5",
4-
"modified": "2026-04-04T15:30:20Z",
4+
"modified": "2026-04-04T21:30:26Z",
55
"published": "2026-04-04T15:30:20Z",
66
"aliases": [
77
"CVE-2018-25243"
@@ -31,6 +31,10 @@
3131
"type": "WEB",
3232
"url": "https://www.microsoft.com/store/productId/9MXS9JVDP25V"
3333
},
34+
{
35+
"type": "WEB",
36+
"url": "https://www.vulncheck.com/advisories/fasttube-denial-of-service-via-search"
37+
},
3438
{
3539
"type": "WEB",
3640
"url": "https://www.vulncheck.com/advisories/microsoft-fasttube-denial-of-service-via-search"

advisories/unreviewed/2026/04/GHSA-vj4g-qpp7-2f4f/GHSA-vj4g-qpp7-2f4f.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-vj4g-qpp7-2f4f",
4-
"modified": "2026-04-04T15:30:20Z",
4+
"modified": "2026-04-04T21:30:27Z",
55
"published": "2026-04-04T15:30:20Z",
66
"aliases": [
77
"CVE-2018-25245"
@@ -31,6 +31,10 @@
3131
"type": "WEB",
3232
"url": "https://www.microsoft.com/store/productId/9NQL2QC8S935"
3333
},
34+
{
35+
"type": "WEB",
36+
"url": "https://www.vulncheck.com/advisories/7-tik-denial-of-service-via-search"
37+
},
3438
{
3539
"type": "WEB",
3640
"url": "https://www.vulncheck.com/advisories/microsoft-7-tik-denial-of-service-via-search"

0 commit comments

Comments
 (0)