Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 99b1c671102c · 2026-01-29T12:32:33.000Z
GHSA-76p7-773f-r4q5 GHSA-whhx-238v-wr87 GHSA-4qpp-gxm3-h9vw GHSA-5hf5-c2h8-jm8p GHSA-97vc-35gm-9r7r GHSA-rgqc-2558-hgcm GHSA-whc5-p69f-c63x
diff --git a/advisories/github-reviewed/2025/02/GHSA-76p7-773f-r4q5/GHSA-76p7-773f-r4q5.json b/advisories/github-reviewed/2025/02/GHSA-76p7-773f-r4q5/GHSA-76p7-773f-r4q5.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-76p7-773f-r4q5",
-  "modified": "2025-11-28T21:31:18Z",
+  "modified": "2026-01-29T12:30:25Z",
   "published": "2025-02-10T18:30:47Z",
   "aliases": [
     "CVE-2024-11831"
@@ -64,6 +64,10 @@
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2024-11831"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:1536"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2025:9294"
diff --git a/advisories/unreviewed/2024/07/GHSA-whhx-238v-wr87/GHSA-whhx-238v-wr87.json b/advisories/unreviewed/2024/07/GHSA-whhx-238v-wr87/GHSA-whhx-238v-wr87.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-whhx-238v-wr87",
-  "modified": "2024-07-26T15:31:51Z",
+  "modified": "2026-01-29T12:30:24Z",
   "published": "2024-07-26T03:30:46Z",
   "aliases": [
     "CVE-2024-4447"
diff --git a/advisories/unreviewed/2025/12/GHSA-4qpp-gxm3-h9vw/GHSA-4qpp-gxm3-h9vw.json b/advisories/unreviewed/2025/12/GHSA-4qpp-gxm3-h9vw/GHSA-4qpp-gxm3-h9vw.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4qpp-gxm3-h9vw",
-  "modified": "2026-01-28T21:31:17Z",
+  "modified": "2026-01-29T12:30:25Z",
   "published": "2025-12-11T15:30:32Z",
   "aliases": [
     "CVE-2025-14523"
@@ -27,6 +27,14 @@
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2025-14523"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:1571"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2026:1570"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2026:1509"
diff --git a/advisories/unreviewed/2026/01/GHSA-5hf5-c2h8-jm8p/GHSA-5hf5-c2h8-jm8p.json b/advisories/unreviewed/2026/01/GHSA-5hf5-c2h8-jm8p/GHSA-5hf5-c2h8-jm8p.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-5hf5-c2h8-jm8p",
+  "modified": "2026-01-29T12:30:25Z",
+  "published": "2026-01-29T12:30:25Z",
+  "aliases": [
+    "CVE-2025-7015"
+  ],
+  "details": "Session Fixation vulnerability in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu allows Session Fixation.This issue affects QR Menu: before s1.05.12.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7015"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.usom.gov.tr/bildirim/tr-26-0006"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-384"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-29T12:16:30Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-97vc-35gm-9r7r/GHSA-97vc-35gm-9r7r.json b/advisories/unreviewed/2026/01/GHSA-97vc-35gm-9r7r/GHSA-97vc-35gm-9r7r.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-97vc-35gm-9r7r",
+  "modified": "2026-01-29T12:30:25Z",
+  "published": "2026-01-29T12:30:25Z",
+  "aliases": [
+    "CVE-2026-1469"
+  ],
+  "details": "Stored Cross-Site Scripting (XSS) in RLE NOVA's PlanManager. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by injecting malicious payload through the ‘comment’ and ‘brand’ parameters in ‘/index.php’. The payload is stored by the application and subsequently displayed without proper sanitization when other users access it. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user.",
+  "severity": [
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1469"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/stored-cross-site-scripting-xss-rle-novas-planmanager"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-79"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-29T12:16:30Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-rgqc-2558-hgcm/GHSA-rgqc-2558-hgcm.json b/advisories/unreviewed/2026/01/GHSA-rgqc-2558-hgcm/GHSA-rgqc-2558-hgcm.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-rgqc-2558-hgcm",
+  "modified": "2026-01-29T12:30:25Z",
+  "published": "2026-01-29T12:30:25Z",
+  "aliases": [
+    "CVE-2025-7016"
+  ],
+  "details": "Improper Access Control vulnerability in Akın Software Computer Import Export Industry and Trade Ltd. QR Menu allows Authentication Abuse.This issue affects QR Menu: before s1.05.12.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7016"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.usom.gov.tr/bildirim/tr-26-0006"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-284"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-29T12:16:30Z"
+  }
+}
diff --git a/advisories/unreviewed/2026/01/GHSA-whc5-p69f-c63x/GHSA-whc5-p69f-c63x.json b/advisories/unreviewed/2026/01/GHSA-whc5-p69f-c63x/GHSA-whc5-p69f-c63x.json
@@ -0,0 +1,36 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-whc5-p69f-c63x",
+  "modified": "2026-01-29T12:30:25Z",
+  "published": "2026-01-29T12:30:25Z",
+  "aliases": [
+    "CVE-2026-22764"
+  ],
+  "details": "Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22764"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.dell.com/support/kbdoc/en-us/000420893/dsa-2026-045-security-update-for-dell-openmanage-network-integration-omni-vulnerabilities"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-287"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-01-29T11:15:53Z"
+  }
+}

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-whhx-238v-wr87",`
`4`		`- "modified": "2024-07-26T15:31:51Z",`
	`4`	`+ "modified": "2026-01-29T12:30:24Z",`
`5`	`5`	`"published": "2024-07-26T03:30:46Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2024-4447"`