Skip to content

Commit 88203a9

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-7pqm-gjrm-wf96 GHSA-rgpf-x2pq-6m4q
1 parent 9fb22ad commit 88203a9

File tree

2 files changed

+104
-0
lines changed

2 files changed

+104
-0
lines changed

advisories/unreviewed/2026/03/GHSA-7pqm-gjrm-wf96/GHSA-7pqm-gjrm-wf96.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-7pqm-gjrm-wf96",
4+
"modified": "2026-03-07T21:33:41Z",
5+
"published": "2026-03-07T21:33:41Z",
6+
"aliases": [
7+
"CVE-2026-3669"
8+
],
9+
"details": "A security vulnerability has been detected in Freedom Factory dGEN1 up to 20260221. This impacts the function AlarmService of the component com.dgen.alarm. Such manipulation leads to improper authorization. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3669"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://gist.github.com/Lytes/2bd9cb3faf89b114754f00292beabb38"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://vuldb.com/?ctiid.349557"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/?id.349557"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/?submit.764703"
41+
}
42+
],
43+
"database_specific": {
44+
"cwe_ids": [
45+
"CWE-266"
46+
],
47+
"severity": "MODERATE",
48+
"github_reviewed": false,
49+
"github_reviewed_at": null,
50+
"nvd_published_at": "2026-03-07T19:15:48Z"
51+
}
52+
}

advisories/unreviewed/2026/03/GHSA-rgpf-x2pq-6m4q/GHSA-rgpf-x2pq-6m4q.json

Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-rgpf-x2pq-6m4q",
4+
"modified": "2026-03-07T21:33:41Z",
5+
"published": "2026-03-07T21:33:41Z",
6+
"aliases": [
7+
"CVE-2026-3670"
8+
],
9+
"details": "A vulnerability was detected in Freedom Factory dGEN1 up to 20260221. Affected is an unknown function of the component com.dgen.alarm. Performing a manipulation results in improper authorization. The attack requires a local approach. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
10+
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
14+
},
15+
{
16+
"type": "CVSS_V4",
17+
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
18+
}
19+
],
20+
"affected": [],
21+
"references": [
22+
{
23+
"type": "ADVISORY",
24+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3670"
25+
},
26+
{
27+
"type": "WEB",
28+
"url": "https://gist.github.com/Lytes/0accda73c896ea137db832dc4d81345c"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "https://vuldb.com/?ctiid.349558"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://vuldb.com/?id.349558"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://vuldb.com/?submit.764704"
41+
}
42+
],
43+
"database_specific": {
44+
"cwe_ids": [
45+
"CWE-266"
46+
],
47+
"severity": "MODERATE",
48+
"github_reviewed": false,
49+
"github_reviewed_at": null,
50+
"nvd_published_at": "2026-03-07T19:15:49Z"
51+
}
52+
}

0 commit comments

Comments
 (0)