{"vulnerability": "CVE-2025-2211", "sightings": [{"uuid": "4222d233-df5a-49ee-a667-894c663f9e7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22115", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvoktgxhhs2f", "content": "", "creation_timestamp": "2025-08-05T20:37:56.863847Z"}, {"uuid": "e4f3d7fb-c776-401f-9135-447ca4275337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22115", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvqv4serzs2v", "content": "", "creation_timestamp": "2025-08-06T18:47:28.548974Z"}, {"uuid": "4eefdd80-9198-4b18-b7ef-5e58713e8139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2211", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "80ebb38e-5281-401c-a466-3730eb26b781", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2211", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7249", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-2211\n\ud83d\udd25 CVSS Score: 4.8 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in aitangbao springboot-manager 3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /sysDictDetail/add. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-03-11T22:00:13.351Z\n\ud83d\udccf Modified: 2025-03-11T22:00:13.351Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.299282\n2. https://vuldb.com/?ctiid.299282\n3. https://vuldb.com/?submit.511741\n4. https://github.com/uglory-gll/javasec/blob/main/spring-manage.md", "creation_timestamp": "2025-03-11T22:39:50.000000Z"}, {"uuid": "a7983be1-959b-4c2f-a927-bbe5e8ea3217", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22112", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14804", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-22112\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\neth: bnxt: fix out-of-range access of vnic_info array\n\nThe bnxt_queue_{start | stop}() access vnic_info as much as allocated,\nwhich indicates bp->nr_vnics.\nSo, it should not reach bp->vnic_info[bp->nr_vnics].\n\ud83d\udccf Published: 2025-04-16T14:12:58.371Z\n\ud83d\udccf Modified: 2025-05-04T13:07:00.862Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/b1e081d331ab3a0dea25425f2b6ddeb365fc9d22\n2. https://git.kernel.org/stable/c/919f9f497dbcee75d487400e8f9815b74a6a37df", "creation_timestamp": "2025-05-04T13:18:49.000000Z"}, {"uuid": "63a87d4f-9b35-4a59-8828-b984a6a46209", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22113", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "1b519909-b6f1-47a7-b3bd-94a4a5295486", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22111", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "7c5b5047-294a-4ab5-b5f8-885730d21767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22111", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "f5b5bf4a-659d-4945-8418-9236b7b950e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22113", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities_20260408", "content": "", "creation_timestamp": "2026-04-07T18:00:00.000000Z"}, {"uuid": "34276ac9-fd05-4ab0-8853-9f9b047ed113", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22113", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "ce84f87d-7416-42d7-9e77-fc35509709af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22111", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "036ce009-6c7a-4d98-a318-ec2caef0770c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22118", "type": "seen", "source": "https://t.me/cvedetector/23121", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22118 - Ice Out-of-Bounds Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22118 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nice: validate queue quanta parameters to prevent OOB access  \n  \nAdd queue wraparound prevention in quanta configuration.  \nEnsure end_qid does not overflow by validating start_qid and num_queues. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:45.000000Z"}, {"uuid": "11b23435-4846-4afd-b3b6-42af4399affb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-22119", "type": "seen", "source": "https://t.me/cvedetector/23120", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-22119 - Linux Kernel: cfg80211 WiFi Wiphy Work Lock Uninitialized Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-22119 \nPublished : April 16, 2025, 3:16 p.m. | 23\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nwifi: cfg80211: init wiphy_work before allocating rfkill fails  \n  \nsyzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1]  \n  \nAfter rfkill allocation fails, the wiphy release process will be performed,  \nwhich will cause cfg80211_dev_free to access the uninitialized wiphy_work  \nrelated data.  \n  \nMove the initialization of wiphy_work to before rfkill initialization to  \navoid this issue.  \n  \n[1]  \nINFO: trying to register non-static key.  \nThe code is fine but needs lockdep annotation, or maybe  \nyou didn't initialize this object before use?  \nturning off the locking correctness validator.  \nCPU: 0 UID: 0 PID: 5935 Comm: syz-executor550 Not tainted 6.14.0-rc6-syzkaller-00103-g4003c9e78778 #0  \nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014  \nCall Trace:  \n   \n __dump_stack lib/dump_stack.c:94 [inline]  \n dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120  \n assign_lock_key kernel/locking/lockdep.c:983 [inline]  \n register_lock_class+0xc39/0x1240 kernel/locking/lockdep.c:1297  \n __lock_acquire+0x135/0x3c40 kernel/locking/lockdep.c:5103  \n lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5851  \n __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]  \n _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162  \n cfg80211_dev_free+0x30/0x3d0 net/wireless/core.c:1196  \n device_release+0xa1/0x240 drivers/base/core.c:2568  \n kobject_cleanup lib/kobject.c:689 [inline]  \n kobject_release lib/kobject.c:720 [inline]  \n kref_put include/linux/kref.h:65 [inline]  \n kobject_put+0x1e4/0x5a0 lib/kobject.c:737  \n put_device+0x1f/0x30 drivers/base/core.c:3774  \n wiphy_free net/wireless/core.c:1224 [inline]  \n wiphy_new_nm+0x1c1f/0x2160 net/wireless/core.c:562  \n ieee80211_alloc_hw_nm+0x1b7a/0x2260 net/mac80211/main.c:835  \n mac80211_hwsim_new_radio+0x1d6/0x54e0 drivers/net/wireless/virtual/mac80211_hwsim.c:5185  \n hwsim_new_radio_nl+0xb42/0x12b0 drivers/net/wireless/virtual/mac80211_hwsim.c:6242  \n genl_family_rcv_msg_doit+0x202/0x2f0 net/netlink/genetlink.c:1115  \n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]  \n genl_rcv_msg+0x565/0x800 net/netlink/genetlink.c:1210  \n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2533  \n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219  \n netlink_unicast_kernel net/netlink/af_netlink.c:1312 [inline]  \n netlink_unicast+0x53c/0x7f0 net/netlink/af_netlink.c:1338  \n netlink_sendmsg+0x8b8/0xd70 net/netlink/af_netlink.c:1882  \n sock_sendmsg_nosec net/socket.c:718 [inline]  \n __sock_sendmsg net/socket.c:733 [inline]  \n ____sys_sendmsg+0xaaf/0xc90 net/socket.c:2573  \n ___sys_sendmsg+0x135/0x1e0 net/socket.c:2627  \n __sys_sendmsg+0x16e/0x220 net/socket.c:2659  \n do_syscall_x64 arch/x86/entry/common.c:52 [inline]  \n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83  \n  \nClose:  \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T17:43:44.000000Z"}]}