Auto-Update: 2025-03-09T23:00:20.452870+00:00

2025-05-06 18:52:58 +00:00 · 2025-03-09 23:03:48 +00:00 · 2025-03-09 23:03:48 +00:00 · 0d5730b2cc
commit 0d5730b2cc
parent 9a4acd0fc8
5 changed files with 186 additions and 9 deletions
--- a/CVE-2025/CVE-2025-21xx/CVE-2025-2130.json
+++ b/CVE-2025/CVE-2025-21xx/CVE-2025-2130.json
@ -0,0 +1,141 @@
+{
+  "id": "CVE-2025-2130",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-03-09T22:15:12.253",
+  "lastModified": "2025-03-09T22:15:12.253",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in OpenXE up to 1.12. It has been declared as problematic. This vulnerability affects unknown code of the component Ticket Bearbeiten Page. The manipulation of the argument Notizen leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.1,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "PASSIVE",
+          "vulnConfidentialityImpact": "NONE",
+          "vulnIntegrityImpact": "LOW",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+          "baseScore": 4.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://vuldb.com/?ctiid.299050",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.299050",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.511529",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://www.singto.io/pocsforexploits/openxe/openxe-xss-ticket.html",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-262xx/CVE-2025-26204.json
+++ b/CVE-2025/CVE-2025-262xx/CVE-2025-26204.json
@ -0,0 +1,16 @@
+{
+  "id": "CVE-2025-26204",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-03-09T21:15:35.310",
+  "lastModified": "2025-03-09T22:15:12.120",
+  "vulnStatus": "Rejected",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
+    }
+  ],
+  "metrics": {},
+  "references": []
+}
--- a/CVE-2025/CVE-2025-262xx/CVE-2025-26205.json
+++ b/CVE-2025/CVE-2025-262xx/CVE-2025-26205.json
@ -0,0 +1,16 @@
+{
+  "id": "CVE-2025-26205",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2025-03-09T21:15:35.457",
+  "lastModified": "2025-03-09T22:15:12.200",
+  "vulnStatus": "Rejected",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
+    }
+  ],
+  "metrics": {},
+  "references": []
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-03-09T21:00:19.421143+00:00
+2025-03-09T23:00:20.452870+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-03-09T20:15:27.157000+00:00
+2025-03-09T22:15:12.253000+00:00
 ```

 ### Last Data Feed Release
@ -33,21 +33,22 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-284578
+284581
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `3`

- [CVE-2025-2129](CVE-2025/CVE-2025-21xx/CVE-2025-2129.json) (`2025-03-09T20:15:27.157`)
+- [CVE-2025-2130](CVE-2025/CVE-2025-21xx/CVE-2025-2130.json) (`2025-03-09T22:15:12.253`)
+- [CVE-2025-26204](CVE-2025/CVE-2025-262xx/CVE-2025-26204.json) (`2025-03-09T21:15:35.310`)
+- [CVE-2025-26205](CVE-2025/CVE-2025-262xx/CVE-2025-26205.json) (`2025-03-09T21:15:35.457`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `1`
+Recently modified CVEs: `0`

- [CVE-2025-27636](CVE-2025/CVE-2025-276xx/CVE-2025-27636.json) (`2025-03-09T20:15:26.270`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -281644,7 +281644,7 @@ CVE-2025-21286,0,0,723a473a192879fc206cfa84c7de3f90eedd168a272ed8d91571db1d22504
 CVE-2025-21287,0,0,3fb720d80bfa95a57729c3d52355290ff4ed9d6a729c50a14578c0330694308a,2025-01-24T21:55:31.367000
 CVE-2025-21288,0,0,79f0d8a9fcb348695f51a1219583e8ea25481776e9e3e38910c2eefefdc3362b,2025-01-24T21:47:07.423000
 CVE-2025-21289,0,0,fee4d36c12a7e786371dc542562c3ca5c601aa9f9d1773942d4c4b95c5ba8a82,2025-01-24T21:47:24.627000
-CVE-2025-2129,1,1,73bcf9f2db79dbf127d42bb6a6b4dc5653d308326a9105457d2299f2925acaa0,2025-03-09T20:15:27.157000
+CVE-2025-2129,0,0,73bcf9f2db79dbf127d42bb6a6b4dc5653d308326a9105457d2299f2925acaa0,2025-03-09T20:15:27.157000
 CVE-2025-21290,0,0,9908895cd72179235f8944b12651eab7a26a3fa06071ad9ead9f86c6d3b61d5a,2025-01-24T21:47:33.967000
 CVE-2025-21291,0,0,5dc12a9d03eff6a3cee8125e8ef0399a500aa8ddc3f43c7e43adb090509d0ede,2025-01-24T21:47:41.350000
 CVE-2025-21292,0,0,4501ae8c31c8e5be444f48bfe6c68f0a83c5b59e6e03feb325a2ed2e954943e5,2025-01-24T21:47:48.737000
@ -281655,6 +281655,7 @@ CVE-2025-21296,0,0,e6a1c9957561caf3c08496803c0d30c1ebf34930666c8fe32257ce9086419
 CVE-2025-21297,0,0,3ab7b3c14f4caef771a6720deb6e250b1f436927d02f1b51343e4279e8f230d4,2025-01-24T21:48:42.703000
 CVE-2025-21298,0,0,8777cfa0600445139c487075d5ab0c735aed30e39ea02043ecdccc9440939232,2025-01-24T21:48:49.880000
 CVE-2025-21299,0,0,f36898ed7a072fb1bf3a66d319990cf8422e046997a77b84517942b1fed08dc7,2025-01-24T21:48:59.153000
+CVE-2025-2130,1,1,3924df49d8f788efd74ea7d2dd5652aace72fb0984c40d82492698ccc7d556ed,2025-03-09T22:15:12.253000
 CVE-2025-21300,0,0,37096ee2a4f954708906e2afd28314e98d8e4ab0c7ac8239b74c189373571d90,2025-01-24T21:49:29.857000
 CVE-2025-21301,0,0,8953ad23567d52390e15e46d491856022afaf971fd601bd1a6ce8eed1c3fb533,2025-01-24T21:49:37.347000
 CVE-2025-21302,0,0,884c6727a46036a58204ac04a3b80c31d9ebeb9d1b7ece8a19fc57a9180b92a6,2025-01-24T21:49:44.423000
@ -284091,6 +284092,8 @@ CVE-2025-26182,0,0,0ffb3bea03992b9174a29a5d31a319557b17fde19454fc28292cbf9e09cbc
 CVE-2025-26200,0,0,07971a3db98f9cfae341b32901f42b0af32b82b7b85e8efc840488c86eda257e,2025-02-24T17:15:14.273000
 CVE-2025-26201,0,0,19cc0d8c975fa49352fb9ad1f8db6737d71edae986faba1d37ba48d4a441cec4,2025-02-24T18:15:21.047000
 CVE-2025-26202,0,0,faf1da73f05d445d952dd532cee33fae2a2ae5a854a8d484ad2405b4354fa0d8,2025-03-05T16:15:40.130000
+CVE-2025-26204,1,1,a8f05c49578ea0cbde7e961f0f9aa7f0415694b1127756defe681b9982099ed9,2025-03-09T22:15:12.120000
+CVE-2025-26205,1,1,63ed32d242f54d965851d14b37db546b9e668c5b81ac02938c74583c42eba152,2025-03-09T22:15:12.200000
 CVE-2025-26206,0,0,65fb1b35688e4155ab7cd5d9dba72d14a0558f77be50007bc2f864f59797ec8c,2025-03-04T17:15:18.487000
 CVE-2025-26263,0,0,fc3120fea42838e95a7a6b2851141f093ed91446459738db389d5fc39c0f2990,2025-03-06T22:15:35.437000
 CVE-2025-26264,0,0,d652b5dab25ae333f8ea0835b25b75d718ba956bf0f33ef0027b1933da0a46e3,2025-02-28T22:15:39.780000
@ -284517,7 +284520,7 @@ CVE-2025-27622,0,0,aab424c81f70efb6c2294313600d100f64e720f683885d3b6918b7e0d0c95
 CVE-2025-27623,0,0,a7729605ea601dac947d3c9e9dda3f4cf0fc759f67e3d847999a08d4d426400f,2025-03-06T17:15:23.647000
 CVE-2025-27624,0,0,386e769fd54c9c9e387001be90fa20a8140740d08fb61eb8c2dc8cbb750364f8,2025-03-06T17:15:23.797000
 CVE-2025-27625,0,0,85889be78be476b146c5fda687cdd2b7a01a613eea674a60ada7a9651223e2d5,2025-03-06T17:15:23.960000
-CVE-2025-27636,0,1,7a13ac4e996aba1cd32295c73e4eaae38f1702ebcc075663414ee3db8e6075ae,2025-03-09T20:15:26.270000
+CVE-2025-27636,0,0,7a13ac4e996aba1cd32295c73e4eaae38f1702ebcc075663414ee3db8e6075ae,2025-03-09T20:15:26.270000
 CVE-2025-27637,0,0,9c062615c8ec6a3ced4ee678ddb923b6d263f273f4e63f5f7bf9a46985accf21,2025-03-05T16:15:40.713000
 CVE-2025-27638,0,0,799c839b25e9819e4ec80c30ab7682e659f557f1c902bc7211099cb508098b42,2025-03-05T17:15:16.853000
 CVE-2025-27639,0,0,a0477d98f560583497b6432bc3e9038f2aa7b8df2110514ba2e616c075cb3f66,2025-03-05T17:15:17.027000