diff --git a/CVE-2025/CVE-2025-239xx/CVE-2025-23970.json b/CVE-2025/CVE-2025-239xx/CVE-2025-23970.json new file mode 100644 index 00000000000..6d3278e0101 --- /dev/null +++ b/CVE-2025/CVE-2025-239xx/CVE-2025-23970.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-23970", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:25.697", + "lastModified": "2025-07-04T12:15:25.697", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Incorrect Privilege Assignment vulnerability in aonetheme Service Finder Booking allows Privilege Escalation. This issue affects Service Finder Booking: from n/a through 6.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/sf-booking/vulnerability/wordpress-service-finder-booking-6-0-privilege-escalation-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-247xx/CVE-2025-24771.json b/CVE-2025/CVE-2025-247xx/CVE-2025-24771.json new file mode 100644 index 00000000000..d4838136938 --- /dev/null +++ b/CVE-2025/CVE-2025-247xx/CVE-2025-24771.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-24771", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:26.320", + "lastModified": "2025-07-04T12:15:26.320", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes Content Manager Light allows Reflected XSS. This issue affects Content Manager Light: from n/a through 3.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/content-manager-light/vulnerability/wordpress-content-manager-light-plugin-3-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-247xx/CVE-2025-24780.json b/CVE-2025/CVE-2025-247xx/CVE-2025-24780.json new file mode 100644 index 00000000000..0fb73706cd2 --- /dev/null +++ b/CVE-2025/CVE-2025-247xx/CVE-2025-24780.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-24780", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:26.500", + "lastModified": "2025-07-04T12:15:26.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in printcart Printcart Web to Print Product Designer for WooCommerce allows SQL Injection. This issue affects Printcart Web to Print Product Designer for WooCommerce: from n/a through 2.4.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/printcart-integration/vulnerability/wordpress-printcart-web-to-print-product-designer-for-woocommerce-2-3-9-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-289xx/CVE-2025-28968.json b/CVE-2025/CVE-2025-289xx/CVE-2025-28968.json new file mode 100644 index 00000000000..eed0726bd84 --- /dev/null +++ b/CVE-2025/CVE-2025-289xx/CVE-2025-28968.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-28968", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:26.693", + "lastModified": "2025-07-04T12:15:26.693", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vladimir Prelovac WP Wall allows Reflected XSS. This issue affects WP Wall: from n/a through 1.7.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-wall/vulnerability/wordpress-wp-wall-plugin-1-7-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-289xx/CVE-2025-28976.json b/CVE-2025/CVE-2025-289xx/CVE-2025-28976.json new file mode 100644 index 00000000000..36ccc11cb6d --- /dev/null +++ b/CVE-2025/CVE-2025-289xx/CVE-2025-28976.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-28976", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:26.877", + "lastModified": "2025-07-04T12:15:26.877", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dsrodzin Email Address Security by WebEmailProtector allows Stored XSS. This issue affects Email Address Security by WebEmailProtector: from n/a through 3.3.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/webemailprotector/vulnerability/wordpress-email-address-security-by-webemailprotector-3-3-6-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-289xx/CVE-2025-28978.json b/CVE-2025/CVE-2025-289xx/CVE-2025-28978.json new file mode 100644 index 00000000000..18f567598c2 --- /dev/null +++ b/CVE-2025/CVE-2025-289xx/CVE-2025-28978.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-28978", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:27.053", + "lastModified": "2025-07-04T12:15:27.053", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hung Trang Si SB Breadcrumbs allows Reflected XSS. This issue affects SB Breadcrumbs: from n/a through 1.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/sb-breadcrumbs/vulnerability/wordpress-sb-breadcrumbs-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-289xx/CVE-2025-28980.json b/CVE-2025/CVE-2025-289xx/CVE-2025-28980.json new file mode 100644 index 00000000000..58e1f28156e --- /dev/null +++ b/CVE-2025/CVE-2025-289xx/CVE-2025-28980.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-28980", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:27.233", + "lastModified": "2025-07-04T12:15:27.233", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in machouinard Aviation Weather from NOAA allows Path Traversal. This issue affects Aviation Weather from NOAA: from n/a through 0.7.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", + "baseScore": 7.7, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/aviation-weather-from-noaa/vulnerability/wordpress-aviation-weather-from-noaa-0-7-2-arbitrary-file-deletion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-289xx/CVE-2025-28983.json b/CVE-2025/CVE-2025-289xx/CVE-2025-28983.json new file mode 100644 index 00000000000..37427f606d9 --- /dev/null +++ b/CVE-2025/CVE-2025-289xx/CVE-2025-28983.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-28983", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:27.437", + "lastModified": "2025-07-04T12:15:27.437", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickandPledge Click & Pledge Connect allows Privilege Escalation. This issue affects Click & Pledge Connect: from 25.04010101 through WP6.8." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/click-pledge-connect/vulnerability/wordpress-click-pledge-connect-plugin-25-04010101-wp6-8-privilege-escalation-via-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-309xx/CVE-2025-30933.json b/CVE-2025/CVE-2025-309xx/CVE-2025-30933.json new file mode 100644 index 00000000000..68cabef6fa7 --- /dev/null +++ b/CVE-2025/CVE-2025-309xx/CVE-2025-30933.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-30933", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:27.607", + "lastModified": "2025-07-04T12:15:27.607", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in LiquidThemes LogisticsHub allows Upload a Web Shell to a Web Server. This issue affects LogisticsHub: from n/a through 1.1.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/logistics-hub/vulnerability/wordpress-logisticshub-1-1-6-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-310xx/CVE-2025-31037.json b/CVE-2025/CVE-2025-310xx/CVE-2025-31037.json new file mode 100644 index 00000000000..4eb1b6f493a --- /dev/null +++ b/CVE-2025/CVE-2025-310xx/CVE-2025-31037.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-31037", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:27.790", + "lastModified": "2025-07-04T12:15:27.790", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Homey allows Reflected XSS. This issue affects Homey: from n/a through 2.4.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/homey/vulnerability/wordpress-homey-theme-2-4-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-322xx/CVE-2025-32297.json b/CVE-2025/CVE-2025-322xx/CVE-2025-32297.json new file mode 100644 index 00000000000..5f445ccffeb --- /dev/null +++ b/CVE-2025/CVE-2025-322xx/CVE-2025-32297.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-32297", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:27.980", + "lastModified": "2025-07-04T12:15:27.980", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in quantumcloud Simple Link Directory allows SQL Injection. This issue affects Simple Link Directory: from n/a through 14.7.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 8.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.1, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/qc-simple-link-directory/vulnerability/wordpress-simple-link-directory-pro-plugin-14-7-3-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-323xx/CVE-2025-32311.json b/CVE-2025/CVE-2025-323xx/CVE-2025-32311.json new file mode 100644 index 00000000000..c7634e37b7c --- /dev/null +++ b/CVE-2025/CVE-2025-323xx/CVE-2025-32311.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-32311", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:28.163", + "lastModified": "2025-07-04T12:15:28.163", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuanticaLabs Pressroom - News Magazine WordPress Theme allows Reflected XSS. This issue affects Pressroom - News Magazine WordPress Theme: from n/a through 6.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/pressroom/vulnerability/wordpress-pressroom-news-magazine-wordpress-theme-theme-6-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-381xx/CVE-2025-38177.json b/CVE-2025/CVE-2025-381xx/CVE-2025-38177.json new file mode 100644 index 00000000000..37ddb03a43e --- /dev/null +++ b/CVE-2025/CVE-2025-381xx/CVE-2025-38177.json @@ -0,0 +1,37 @@ +{ + "id": "CVE-2025-38177", + "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", + "published": "2025-07-04T13:15:24.033", + "lastModified": "2025-07-04T13:15:24.033", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsch_hfsc: make hfsc_qlen_notify() idempotent\n\nhfsc_qlen_notify() is not idempotent either and not friendly\nto its callers, like fq_codel_dequeue(). Let's make it idempotent\nto ease qdisc_tree_reduce_backlog() callers' life:\n\n1. update_vf() decreases cl->cl_nactive, so we can check whether it is\nnon-zero before calling it.\n\n2. eltree_remove() always removes RB node cl->el_node, but we can use\n RB_EMPTY_NODE() + RB_CLEAR_NODE() to make it safe." + } + ], + "metrics": {}, + "references": [ + { + "url": "https://git.kernel.org/stable/c/0475c85426b18eccdcb7f9fb58d8f8e9c6c58c87", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/51eb3b65544c9efd6a1026889ee5fb5aa62da3bb", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/9030a91235ae4845ec71902c3e0cecfc9ed1f2df", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/c1175c4ad01dbc9c979d099861fa90a754f72059", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + }, + { + "url": "https://git.kernel.org/stable/c/d06476714d2819b550e0cc39222347e2c8941c9d", + "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-394xx/CVE-2025-39487.json b/CVE-2025/CVE-2025-394xx/CVE-2025-39487.json new file mode 100644 index 00000000000..8d63d5cc652 --- /dev/null +++ b/CVE-2025/CVE-2025-394xx/CVE-2025-39487.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-39487", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:28.353", + "lastModified": "2025-07-04T12:15:28.353", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ValvePress Rankie allows Reflected XSS. This issue affects Rankie: from n/a through 1.8.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/valvepress-rankie/vulnerability/wordpress-rankie-plugin-1-8-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-44xx/CVE-2025-4414.json b/CVE-2025/CVE-2025-44xx/CVE-2025-4414.json new file mode 100644 index 00000000000..11869cc92a0 --- /dev/null +++ b/CVE-2025/CVE-2025-44xx/CVE-2025-4414.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-4414", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:32.617", + "lastModified": "2025-07-04T12:15:32.617", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in cmsmasters CMSMasters Content Composer allows PHP Local File Inclusion. This issue affects CMSMasters Content Composer: from n/a through n/a." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/cmsmasters-content-composer/vulnerability/wordpress-cmsmasters-content-composer-2-5-7-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-474xx/CVE-2025-47479.json b/CVE-2025/CVE-2025-474xx/CVE-2025-47479.json new file mode 100644 index 00000000000..32b7b5b1c68 --- /dev/null +++ b/CVE-2025/CVE-2025-474xx/CVE-2025-47479.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47479", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:28.530", + "lastModified": "2025-07-04T12:15:28.530", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Weak Authentication vulnerability in AresIT WP Compress allows Authentication Abuse. This issue affects WP Compress: from n/a through 6.30.30." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-1390" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-compress-image-optimizer/vulnerability/wordpress-wp-compress-6-30-30-broken-authentication-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-475xx/CVE-2025-47565.json b/CVE-2025/CVE-2025-475xx/CVE-2025-47565.json new file mode 100644 index 00000000000..290bc59249f --- /dev/null +++ b/CVE-2025/CVE-2025-475xx/CVE-2025-47565.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47565", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:28.720", + "lastModified": "2025-07-04T12:15:28.720", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in ashanjay EventON allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EventON: from n/a through 4.9.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/eventon/vulnerability/wordpress-eventon-plugin-4-9-9-broken-access-control-vulnerability-2?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-476xx/CVE-2025-47627.json b/CVE-2025/CVE-2025-476xx/CVE-2025-47627.json new file mode 100644 index 00000000000..657b84d544a --- /dev/null +++ b/CVE-2025/CVE-2025-476xx/CVE-2025-47627.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47627", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:28.917", + "lastModified": "2025-07-04T12:15:28.917", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in LCweb PrivateContent - Mail Actions allows PHP Local File Inclusion. This issue affects PrivateContent - Mail Actions: from n/a through 2.3.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/private-content-mail-actions/vulnerability/wordpress-privatecontent-mail-actions-plugin-2-3-2-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-476xx/CVE-2025-47634.json b/CVE-2025/CVE-2025-476xx/CVE-2025-47634.json new file mode 100644 index 00000000000..413bf8a5580 --- /dev/null +++ b/CVE-2025/CVE-2025-476xx/CVE-2025-47634.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-47634", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:29.090", + "lastModified": "2025-07-04T12:15:29.090", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Keylor Mendoza WC Pickup Store allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WC Pickup Store: from n/a through 1.8.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wc-pickup-store/vulnerability/wordpress-wc-pickup-store-1-8-9-settings-change-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-481xx/CVE-2025-48172.json b/CVE-2025/CVE-2025-481xx/CVE-2025-48172.json new file mode 100644 index 00000000000..f3dabd3af2e --- /dev/null +++ b/CVE-2025/CVE-2025-481xx/CVE-2025-48172.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-48172", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-07-04T13:15:25.453", + "lastModified": "2025-07-04T13:15:25.453", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "CHMLib through 2bef8d0, as used in SumatraPDF and other products, has a chm_lib.c _chm_decompress_block integer overflow. There is a resultant heap-based buffer overflow in _chm_fetch_bytes." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L", + "baseScore": 5.6, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 1.4, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "references": [ + { + "url": "https://drive.google.com/file/d/1XpulFyCGlq7Szzg5RsH-eRwZ6OyuSozl/view?usp=sharing", + "source": "cve@mitre.org" + }, + { + "url": "https://drive.google.com/file/d/1wq51px42eoJz2VQ1Qu9ObPVQVom9T9H_/view?usp=sharing", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/jedwing/CHMLib/blob/2bef8d063ec7d88a8de6fd9f0513ea42ac0fa21f/src/chm_lib.c#L1386", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/sumatrapdfreader/sumatrapdf/commit/08179946a745cf1605e4b9670942ec1a6e1f4c5d", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-482xx/CVE-2025-48231.json b/CVE-2025/CVE-2025-482xx/CVE-2025-48231.json new file mode 100644 index 00000000000..54368aa86fa --- /dev/null +++ b/CVE-2025/CVE-2025-482xx/CVE-2025-48231.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-48231", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:29.280", + "lastModified": "2025-07-04T12:15:29.280", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codepeople Booking Calendar Contact Form allows Stored XSS. This issue affects Booking Calendar Contact Form: from n/a through 1.2.58." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.3, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/booking-calendar-contact-form/vulnerability/wordpress-booking-calendar-contact-form-1-2-58-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-490xx/CVE-2025-49070.json b/CVE-2025/CVE-2025-490xx/CVE-2025-49070.json new file mode 100644 index 00000000000..32d81681895 --- /dev/null +++ b/CVE-2025/CVE-2025-490xx/CVE-2025-49070.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49070", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:29.460", + "lastModified": "2025-07-04T12:15:29.460", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in NasaTheme Elessi allows PHP Local File Inclusion. This issue affects Elessi: from n/a through n/a." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/elessi-theme/vulnerability/wordpress-elessi-6-4-1-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49245.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49245.json new file mode 100644 index 00000000000..34792277f60 --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49245.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49245", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:29.677", + "lastModified": "2025-07-04T12:15:29.677", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmoreira Testimonials Showcase allows Reflected XSS. This issue affects Testimonials Showcase: from n/a through 1.9.16." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/testimonials-showcase/vulnerability/wordpress-testimonials-showcase-plugin-1-9-16-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49247.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49247.json new file mode 100644 index 00000000000..aab8e5cd262 --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49247.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49247", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:29.970", + "lastModified": "2025-07-04T12:15:29.970", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmoreira Team Showcase allows DOM-Based XSS. This issue affects Team Showcase: from n/a through n/a." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/team-showcase-cm/vulnerability/wordpress-team-showcase-plugin-25-05-13-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-492xx/CVE-2025-49274.json b/CVE-2025/CVE-2025-492xx/CVE-2025-49274.json new file mode 100644 index 00000000000..b0517ae16fb --- /dev/null +++ b/CVE-2025/CVE-2025-492xx/CVE-2025-49274.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49274", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:30.150", + "lastModified": "2025-07-04T12:15:30.150", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in awplife Neom Blog allows Reflected XSS. This issue affects Neom Blog: from n/a through 0.0.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/neom-blog/vulnerability/wordpress-neom-blog-theme-0-0-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-493xx/CVE-2025-49302.json b/CVE-2025/CVE-2025-493xx/CVE-2025-49302.json new file mode 100644 index 00000000000..f962e758f4c --- /dev/null +++ b/CVE-2025/CVE-2025-493xx/CVE-2025-49302.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49302", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:30.387", + "lastModified": "2025-07-04T12:15:30.387", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Scott Paterson Easy Stripe allows Remote Code Inclusion. This issue affects Easy Stripe: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/easy-stripe/vulnerability/wordpress-easy-stripe-1-1-remote-code-execution-rce-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-493xx/CVE-2025-49303.json b/CVE-2025/CVE-2025-493xx/CVE-2025-49303.json new file mode 100644 index 00000000000..961c6ab02bd --- /dev/null +++ b/CVE-2025/CVE-2025-493xx/CVE-2025-49303.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49303", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:30.623", + "lastModified": "2025-07-04T12:15:30.623", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Shabti Kaplan Frontend Admin by DynamiApps allows Path Traversal. This issue affects Frontend Admin by DynamiApps: from n/a through 3.28.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", + "baseScore": 6.8, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 4.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-22" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/acf-frontend-form-element/vulnerability/wordpress-frontend-admin-by-dynamiapps-3-28-7-arbitrary-file-download-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-494xx/CVE-2025-49414.json b/CVE-2025/CVE-2025-494xx/CVE-2025-49414.json new file mode 100644 index 00000000000..2ed5fcbd7f8 --- /dev/null +++ b/CVE-2025/CVE-2025-494xx/CVE-2025-49414.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49414", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:30.817", + "lastModified": "2025-07-04T12:15:30.817", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Unrestricted Upload of File with Dangerous Type vulnerability in Fastw3b LLC FW Gallery allows Using Malicious Files. This issue affects FW Gallery: from n/a through 8.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 10.0, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/fw-gallery/vulnerability/wordpress-fw-gallery-8-0-0-arbitrary-file-upload-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-494xx/CVE-2025-49417.json b/CVE-2025/CVE-2025-494xx/CVE-2025-49417.json new file mode 100644 index 00000000000..ee69c0c0dd4 --- /dev/null +++ b/CVE-2025/CVE-2025-494xx/CVE-2025-49417.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49417", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:31.003", + "lastModified": "2025-07-04T12:15:31.003", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in BestWpDeveloper WooCommerce Product Multi-Action allows Object Injection. This issue affects WooCommerce Product Multi-Action: from n/a through 1.3." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/woo-product-multiaction/vulnerability/wordpress-woocommerce-product-multi-action-1-3-deserialization-of-untrusted-data-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-494xx/CVE-2025-49418.json b/CVE-2025/CVE-2025-494xx/CVE-2025-49418.json new file mode 100644 index 00000000000..3f620f1bd1f --- /dev/null +++ b/CVE-2025/CVE-2025-494xx/CVE-2025-49418.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49418", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:31.247", + "lastModified": "2025-07-04T12:15:31.247", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Server-Side Request Forgery (SSRF) vulnerability in TeconceTheme Allmart allows Server Side Request Forgery. This issue affects Allmart: from n/a through 1.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-918" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/allmart-core/vulnerability/wordpress-allmart-1-0-0-server-side-request-forgery-ssrf-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-494xx/CVE-2025-49431.json b/CVE-2025/CVE-2025-494xx/CVE-2025-49431.json new file mode 100644 index 00000000000..24ac51d84a4 --- /dev/null +++ b/CVE-2025/CVE-2025-494xx/CVE-2025-49431.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49431", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:31.537", + "lastModified": "2025-07-04T12:15:31.537", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Gnuget MF Plus WPML allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MF Plus WPML: from n/a through 1.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mf-plus-wpml/vulnerability/wordpress-mf-plus-wpml-1-1-settings-change-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-498xx/CVE-2025-49809.json b/CVE-2025/CVE-2025-498xx/CVE-2025-49809.json new file mode 100644 index 00000000000..e6966a3eb60 --- /dev/null +++ b/CVE-2025/CVE-2025-498xx/CVE-2025-49809.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-49809", + "sourceIdentifier": "cve@mitre.org", + "published": "2025-07-04T13:15:25.780", + "lastModified": "2025-07-04T13:15:25.780", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTR_PACKET environment variable. NOTE: mtr on macOS may often have Sudo rules, as an indirect consequence of Homebrew not installing setuid binaries." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@mitre.org", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", + "baseScore": 7.8, + "baseSeverity": "HIGH", + "attackVector": "LOCAL", + "attackComplexity": "HIGH", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.1, + "impactScore": 6.0 + } + ] + }, + "weaknesses": [ + { + "source": "cve@mitre.org", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-829" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/Homebrew/homebrew-core/issues/35085", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/traviscross/mtr/blob/master/SECURITY", + "source": "cve@mitre.org" + }, + { + "url": "https://github.com/traviscross/mtr/commit/5226f105f087c29d3cfad9f28000e7536af91ac6", + "source": "cve@mitre.org" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-498xx/CVE-2025-49866.json b/CVE-2025/CVE-2025-498xx/CVE-2025-49866.json new file mode 100644 index 00000000000..73839cf834e --- /dev/null +++ b/CVE-2025/CVE-2025-498xx/CVE-2025-49866.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49866", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:31.837", + "lastModified": "2025-07-04T12:15:31.837", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nikel Beautiful Cookie Consent Banner allows Reflected XSS. This issue affects Beautiful Cookie Consent Banner: from n/a through 4.6.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/beautiful-and-responsive-cookie-consent/vulnerability/wordpress-beautiful-cookie-consent-banner-4-6-1-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-498xx/CVE-2025-49867.json b/CVE-2025/CVE-2025-498xx/CVE-2025-49867.json new file mode 100644 index 00000000000..5e371c7f323 --- /dev/null +++ b/CVE-2025/CVE-2025-498xx/CVE-2025-49867.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49867", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:32.123", + "lastModified": "2025-07-04T12:15:32.123", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Incorrect Privilege Assignment vulnerability in InspiryThemes RealHomes allows Privilege Escalation. This issue affects RealHomes: from n/a through 4.4.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-266" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/realhomes/vulnerability/wordpress-realhomes-4-4-0-privilege-escalation-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-498xx/CVE-2025-49870.json b/CVE-2025/CVE-2025-498xx/CVE-2025-49870.json new file mode 100644 index 00000000000..722e1a65f09 --- /dev/null +++ b/CVE-2025/CVE-2025-498xx/CVE-2025-49870.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-49870", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:32.383", + "lastModified": "2025-07-04T12:15:32.383", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cozmoslabs Paid Member Subscriptions allows SQL Injection. This issue affects Paid Member Subscriptions: from n/a through 2.15.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.2, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/paid-member-subscriptions/vulnerability/wordpress-paid-member-subscriptions-2-15-1-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-500xx/CVE-2025-50032.json b/CVE-2025/CVE-2025-500xx/CVE-2025-50032.json new file mode 100644 index 00000000000..d6148db4ca6 --- /dev/null +++ b/CVE-2025/CVE-2025-500xx/CVE-2025-50032.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-50032", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:32.817", + "lastModified": "2025-07-04T12:15:32.817", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in Paytiko - Payment Orchestration Platform Paytiko for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Paytiko for WooCommerce: from n/a through 1.3.14." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/paytiko/vulnerability/wordpress-paytiko-for-woocommerce-1-3-13-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-500xx/CVE-2025-50039.json b/CVE-2025/CVE-2025-500xx/CVE-2025-50039.json new file mode 100644 index 00000000000..7b23f06fd68 --- /dev/null +++ b/CVE-2025/CVE-2025-500xx/CVE-2025-50039.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-50039", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:33.017", + "lastModified": "2025-07-04T12:15:33.017", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in vgwort VG WORT METIS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects VG WORT METIS: from n/a through 2.0.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/vgw-metis/vulnerability/wordpress-vg-wort-metis-2-0-0-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-527xx/CVE-2025-52718.json b/CVE-2025/CVE-2025-527xx/CVE-2025-52718.json new file mode 100644 index 00000000000..3e8f04c0d2a --- /dev/null +++ b/CVE-2025/CVE-2025-527xx/CVE-2025-52718.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-52718", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:33.197", + "lastModified": "2025-07-04T12:15:33.197", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone allows Remote Code Inclusion. This issue affects Alone: from n/a through 7.8.2." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/alone/vulnerability/wordpress-alone-7-8-2-arbitrary-code-execution-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-527xx/CVE-2025-52776.json b/CVE-2025/CVE-2025-527xx/CVE-2025-52776.json new file mode 100644 index 00000000000..6182386384f --- /dev/null +++ b/CVE-2025/CVE-2025-527xx/CVE-2025-52776.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-52776", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:33.370", + "lastModified": "2025-07-04T12:15:33.370", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thanhtungtnt Video List Manager allows Stored XSS. This issue affects Video List Manager: from n/a through 1.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/video-list-manager/vulnerability/wordpress-video-list-manager-1-7-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-527xx/CVE-2025-52796.json b/CVE-2025/CVE-2025-527xx/CVE-2025-52796.json new file mode 100644 index 00000000000..8e6b3ba9570 --- /dev/null +++ b/CVE-2025/CVE-2025-527xx/CVE-2025-52796.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-52796", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:33.553", + "lastModified": "2025-07-04T12:15:33.553", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tggfref WP-Recall allows Reflected XSS. This issue affects WP-Recall: from n/a through 16.26.14." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-recall/vulnerability/wordpress-wp-recall-16-26-14-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-527xx/CVE-2025-52798.json b/CVE-2025/CVE-2025-527xx/CVE-2025-52798.json new file mode 100644 index 00000000000..63620d8c62f --- /dev/null +++ b/CVE-2025/CVE-2025-527xx/CVE-2025-52798.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-52798", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:33.737", + "lastModified": "2025-07-04T12:15:33.737", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix JobSearch allows Reflected XSS. This issue affects JobSearch: from n/a through 2.9.0." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", + "baseScore": 7.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/wp-jobsearch/vulnerability/wordpress-jobsearch-2-9-0-cross-site-scripting-xss-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52805.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52805.json new file mode 100644 index 00000000000..8a9167a217f --- /dev/null +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52805.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-52805", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:33.927", + "lastModified": "2025-07-04T12:15:33.927", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Path Traversal vulnerability in VaultDweller Leyka allows PHP Local File Inclusion. This issue affects Leyka: from n/a through 3.31.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-35" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/leyka/vulnerability/wordpress-leyka-3-31-9-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52807.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52807.json new file mode 100644 index 00000000000..95e56ffb105 --- /dev/null +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52807.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-52807", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:34.107", + "lastModified": "2025-07-04T12:15:34.107", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ApusWP Kossy - Minimalist eCommerce WordPress Theme allows PHP Local File Inclusion. This issue affects Kossy - Minimalist eCommerce WordPress Theme: from n/a through 1.45." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.2, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-98" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/kossy/vulnerability/wordpress-kossy-minimalist-ecommerce-wordpress-theme-1-45-local-file-inclusion-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52813.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52813.json new file mode 100644 index 00000000000..0ee792b5b07 --- /dev/null +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52813.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-52813", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:34.273", + "lastModified": "2025-07-04T12:15:34.273", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Missing Authorization vulnerability in pietro MobiLoud allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MobiLoud: from n/a through 4.6.5." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-862" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/mobiloud-mobile-app-plugin/vulnerability/wordpress-mobiloud-4-6-5-broken-access-control-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52828.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52828.json new file mode 100644 index 00000000000..bf5464e0f12 --- /dev/null +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52828.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-52828", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:34.453", + "lastModified": "2025-07-04T12:15:34.453", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Deserialization of Untrusted Data vulnerability in designthemes Red Art allows Object Injection. This issue affects Red Art: from n/a through 3.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/redart/vulnerability/wordpress-red-art-3-7-php-object-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52830.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52830.json new file mode 100644 index 00000000000..7a9a4efb8db --- /dev/null +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52830.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-52830", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:34.633", + "lastModified": "2025-07-04T12:15:34.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bsecuretech bSecure – Your Universal Checkout allows Blind SQL Injection. This issue affects bSecure – Your Universal Checkout: from n/a through 1.7.9." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/bsecure/vulnerability/wordpress-bsecure-your-universal-checkout-1-7-9-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52831.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52831.json new file mode 100644 index 00000000000..2e2d9dbd6e1 --- /dev/null +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52831.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-52831", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:34.820", + "lastModified": "2025-07-04T12:15:34.820", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in thanhtungtnt Video List Manager allows SQL Injection. This issue affects Video List Manager: from n/a through 1.7." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/video-list-manager/vulnerability/wordpress-video-list-manager-1-7-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52832.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52832.json new file mode 100644 index 00000000000..8aa15fc412c --- /dev/null +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52832.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-52832", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:35.020", + "lastModified": "2025-07-04T12:15:35.020", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpo-HR NGG Smart Image Search allows SQL Injection. This issue affects NGG Smart Image Search: from n/a through 3.4.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/plugin/ngg-smart-image-search/vulnerability/wordpress-ngg-smart-image-search-3-4-1-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-528xx/CVE-2025-52833.json b/CVE-2025/CVE-2025-528xx/CVE-2025-52833.json new file mode 100644 index 00000000000..b37960f71a2 --- /dev/null +++ b/CVE-2025/CVE-2025-528xx/CVE-2025-52833.json @@ -0,0 +1,56 @@ +{ + "id": "CVE-2025-52833", + "sourceIdentifier": "audit@patchstack.com", + "published": "2025-07-04T12:15:35.217", + "lastModified": "2025-07-04T12:15:35.217", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in designthemes LMS allows SQL Injection. This issue affects LMS: from n/a through 9.1." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "audit@patchstack.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L", + "baseScore": 9.3, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 4.7 + } + ] + }, + "weaknesses": [ + { + "source": "audit@patchstack.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://patchstack.com/database/wordpress/theme/lms/vulnerability/wordpress-lms-9-1-sql-injection-vulnerability?_s_id=cve", + "source": "audit@patchstack.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-60xx/CVE-2025-6056.json b/CVE-2025/CVE-2025-60xx/CVE-2025-6056.json new file mode 100644 index 00000000000..4decfe5ba51 --- /dev/null +++ b/CVE-2025/CVE-2025-60xx/CVE-2025-6056.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-6056", + "sourceIdentifier": "vulnerability@ncsc.ch", + "published": "2025-07-04T12:15:35.407", + "lastModified": "2025-07-04T12:15:35.407", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Timing difference in password reset in Ergon Informatik AG's Airlock IAM 7.7.9, 8.0.8, 8.1.7, 8.2.4 and 8.3.1 allows unauthenticated attackers to enumerate usernames." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "vulnerability@ncsc.ch", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "vulnerability@ncsc.ch", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-203" + } + ] + } + ], + "references": [ + { + "url": "https://www.redguard.ch/blog/2025/07/04/cve-2025-6056-airlock-iam-username-enumeration/", + "source": "vulnerability@ncsc.ch" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-67xx/CVE-2025-6740.json b/CVE-2025/CVE-2025-67xx/CVE-2025-6740.json new file mode 100644 index 00000000000..2c09520e9ca --- /dev/null +++ b/CVE-2025/CVE-2025-67xx/CVE-2025-6740.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-6740", + "sourceIdentifier": "security@wordfence.com", + "published": "2025-07-04T12:15:35.570", + "lastModified": "2025-07-04T12:15:35.570", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "The Contact Form 7 Database Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018tmpD\u2019 parameter in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "security@wordfence.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://plugins.trac.wordpress.org/browser/contact-form-cfdb7/tags/1.3.1/contact-form-cfdb-7.php", + "source": "security@wordfence.com" + }, + { + "url": "https://plugins.trac.wordpress.org/changeset/3320134/", + "source": "security@wordfence.com" + }, + { + "url": "https://wordpress.org/plugins/contact-form-cfdb7/#developers", + "source": "security@wordfence.com" + }, + { + "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/014803c8-3319-48ad-98c7-d1f372d37ff2?source=cve", + "source": "security@wordfence.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-70xx/CVE-2025-7061.json b/CVE-2025/CVE-2025-70xx/CVE-2025-7061.json new file mode 100644 index 00000000000..5ff9ed81cb9 --- /dev/null +++ b/CVE-2025/CVE-2025-70xx/CVE-2025-7061.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2025-7061", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-07-04T13:15:25.987", + "lastModified": "2025-07-04T13:15:25.987", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Intelbras InControl up to 2.21.60.9. It has been declared as problematic. This vulnerability affects unknown code of the file /v1/operador/. The manipulation leads to csv injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "PROOF_OF_CONCEPT", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 2.7, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.2, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N", + "baseScore": 3.3, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "MULTIPLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "LOW", + "exploitabilityScore": 6.4, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-1236" + } + ] + } + ], + "references": [ + { + "url": "https://vuldb.com/?ctiid.314836", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.314836", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.600881", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-70xx/CVE-2025-7066.json b/CVE-2025/CVE-2025-70xx/CVE-2025-7066.json new file mode 100644 index 00000000000..d6e2496f24f --- /dev/null +++ b/CVE-2025/CVE-2025-70xx/CVE-2025-7066.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-7066", + "sourceIdentifier": "cve@gitlab.com", + "published": "2025-07-04T12:15:35.740", + "lastModified": "2025-07-04T12:15:35.740", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Jirafeau normally prevents browser preview for text files due to the possibility that for example SVG and HTML documents could be exploited for cross site scripting. This was done by storing the MIME type of a file and allowing only browser preview for MIME types beginning with image (except for image/svg+xml, see CVE-2022-30110 and CVE-2024-12326), video and audio. However, it was possible to bypass this check by sending a manipulated MIME type containing a comma and an other MIME type like text/html (for example image/png,text/html). Browsers see multiple MIME types and text/html would takes precedence, allowing a possible attacker to do a cross-site scripting attack. The check for MIME types was enhanced to prevent a browser preview when the stored MIME type contains a comma." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cve@gitlab.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.7 + } + ] + }, + "weaknesses": [ + { + "source": "cve@gitlab.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://gitlab.com/jirafeau/Jirafeau/-/commit/79464ec6276e8eb0e0b0ad597db02b85080d2b63", + "source": "cve@gitlab.com" + }, + { + "url": "https://www.cve.org/CVERecord?id=CVE-2022-30110", + "source": "cve@gitlab.com" + }, + { + "url": "https://www.cve.org/CVERecord?id=CVE-2024-12326", + "source": "cve@gitlab.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 081e90a3317..563cb93b318 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-07-04T12:00:12.636419+00:00 +2025-07-04T14:00:11.519894+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-07-04T11:15:51.683000+00:00 +2025-07-04T13:15:25.987000+00:00 ``` ### Last Data Feed Release @@ -33,27 +33,44 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -300308 +300361 ``` ### CVEs added in the last Commit -Recently added CVEs: `5` +Recently added CVEs: `53` -- [CVE-2025-38174](CVE-2025/CVE-2025-381xx/CVE-2025-38174.json) (`2025-07-04T11:15:51.283`) -- [CVE-2025-38175](CVE-2025/CVE-2025-381xx/CVE-2025-38175.json) (`2025-07-04T11:15:51.420`) -- [CVE-2025-38176](CVE-2025/CVE-2025-381xx/CVE-2025-38176.json) (`2025-07-04T11:15:51.543`) -- [CVE-2025-5920](CVE-2025/CVE-2025-59xx/CVE-2025-5920.json) (`2025-07-04T10:15:24.223`) -- [CVE-2025-7060](CVE-2025/CVE-2025-70xx/CVE-2025-7060.json) (`2025-07-04T11:15:51.683`) +- [CVE-2025-49417](CVE-2025/CVE-2025-494xx/CVE-2025-49417.json) (`2025-07-04T12:15:31.003`) +- [CVE-2025-49418](CVE-2025/CVE-2025-494xx/CVE-2025-49418.json) (`2025-07-04T12:15:31.247`) +- [CVE-2025-49431](CVE-2025/CVE-2025-494xx/CVE-2025-49431.json) (`2025-07-04T12:15:31.537`) +- [CVE-2025-49809](CVE-2025/CVE-2025-498xx/CVE-2025-49809.json) (`2025-07-04T13:15:25.780`) +- [CVE-2025-49866](CVE-2025/CVE-2025-498xx/CVE-2025-49866.json) (`2025-07-04T12:15:31.837`) +- [CVE-2025-49867](CVE-2025/CVE-2025-498xx/CVE-2025-49867.json) (`2025-07-04T12:15:32.123`) +- [CVE-2025-49870](CVE-2025/CVE-2025-498xx/CVE-2025-49870.json) (`2025-07-04T12:15:32.383`) +- [CVE-2025-50032](CVE-2025/CVE-2025-500xx/CVE-2025-50032.json) (`2025-07-04T12:15:32.817`) +- [CVE-2025-50039](CVE-2025/CVE-2025-500xx/CVE-2025-50039.json) (`2025-07-04T12:15:33.017`) +- [CVE-2025-52718](CVE-2025/CVE-2025-527xx/CVE-2025-52718.json) (`2025-07-04T12:15:33.197`) +- [CVE-2025-52776](CVE-2025/CVE-2025-527xx/CVE-2025-52776.json) (`2025-07-04T12:15:33.370`) +- [CVE-2025-52796](CVE-2025/CVE-2025-527xx/CVE-2025-52796.json) (`2025-07-04T12:15:33.553`) +- [CVE-2025-52798](CVE-2025/CVE-2025-527xx/CVE-2025-52798.json) (`2025-07-04T12:15:33.737`) +- [CVE-2025-52805](CVE-2025/CVE-2025-528xx/CVE-2025-52805.json) (`2025-07-04T12:15:33.927`) +- [CVE-2025-52807](CVE-2025/CVE-2025-528xx/CVE-2025-52807.json) (`2025-07-04T12:15:34.107`) +- [CVE-2025-52813](CVE-2025/CVE-2025-528xx/CVE-2025-52813.json) (`2025-07-04T12:15:34.273`) +- [CVE-2025-52828](CVE-2025/CVE-2025-528xx/CVE-2025-52828.json) (`2025-07-04T12:15:34.453`) +- [CVE-2025-52830](CVE-2025/CVE-2025-528xx/CVE-2025-52830.json) (`2025-07-04T12:15:34.633`) +- [CVE-2025-52831](CVE-2025/CVE-2025-528xx/CVE-2025-52831.json) (`2025-07-04T12:15:34.820`) +- [CVE-2025-52832](CVE-2025/CVE-2025-528xx/CVE-2025-52832.json) (`2025-07-04T12:15:35.020`) +- [CVE-2025-52833](CVE-2025/CVE-2025-528xx/CVE-2025-52833.json) (`2025-07-04T12:15:35.217`) +- [CVE-2025-6056](CVE-2025/CVE-2025-60xx/CVE-2025-6056.json) (`2025-07-04T12:15:35.407`) +- [CVE-2025-6740](CVE-2025/CVE-2025-67xx/CVE-2025-6740.json) (`2025-07-04T12:15:35.570`) +- [CVE-2025-7061](CVE-2025/CVE-2025-70xx/CVE-2025-7061.json) (`2025-07-04T13:15:25.987`) +- [CVE-2025-7066](CVE-2025/CVE-2025-70xx/CVE-2025-7066.json) (`2025-07-04T12:15:35.740`) ### CVEs modified in the last Commit -Recently modified CVEs: `3` +Recently modified CVEs: `0` -- [CVE-2025-4748](CVE-2025/CVE-2025-47xx/CVE-2025-4748.json) (`2025-07-04T10:15:23.127`) -- [CVE-2025-4754](CVE-2025/CVE-2025-47xx/CVE-2025-4754.json) (`2025-07-04T10:15:24.080`) -- [CVE-2025-5351](CVE-2025/CVE-2025-53xx/CVE-2025-5351.json) (`2025-07-04T09:15:37.100`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 0a62aad344c..e383d5956bd 100644 --- a/_state.csv +++ b/_state.csv @@ -287588,6 +287588,7 @@ CVE-2025-23967,0,0,7fc0380a265ec940f2b60470b1cf9713d9094d8329ba8cde3022afd9bd781 CVE-2025-23968,0,0,955f5380954e813c7e88fece29af528205d4507019306da5a36ed360685211a7,2025-07-03T19:15:23.043000 CVE-2025-23969,0,0,487de04033365abaa60e5ffa75aa91d7c86b6db89eb8475ac28535f85fa6cbae,2025-06-06T14:06:58.193000 CVE-2025-2397,0,0,1d9d522b7da574d99450a0c926cba6b95d7f81a170fb089caa03fceac1350b83,2025-03-18T15:16:01.257000 +CVE-2025-23970,1,1,59a2f93282d0ee816872cd9efa0e07ec38c23a282c2850aeeef1bedd7bc6d785,2025-07-04T12:15:25.697000 CVE-2025-23971,0,0,b92b26502e7bf23962c464265b1f8680f1f27660b2e187da01a8acb71a6d5407,2025-06-06T14:06:58.193000 CVE-2025-23972,0,0,c6feb141178185be5ee89fd0f163b49db0609e63f67bcc15dd9bfffbe8445c82,2025-07-04T09:15:25.540000 CVE-2025-23973,0,0,b03f07955cb4b8a1b76e7d2c342eec64764547fed2e7c9db7f01a8a71cd682f4,2025-06-30T18:38:48.477000 @@ -288309,12 +288310,14 @@ CVE-2025-24768,0,0,9189c2bd9d601f25f78d69a9ed75ee394b9e6a5a348dad3498cc8567cf03a CVE-2025-24769,0,0,0f0fa0d60cf6c9c4c0c230cdf830a34c536e6201ae02e40d3e4e2d57e844d855,2025-06-30T18:38:48.477000 CVE-2025-2477,0,0,3686d026975337c8b88c9fe51616f10734ea4310f92df921905ea60f68804787,2025-03-22T07:15:24.780000 CVE-2025-24770,0,0,fdf52f6ec826aca9cec8dc178d0c6ac549801c2a9257299df2336712d666c437,2025-06-12T16:06:47.857000 +CVE-2025-24771,1,1,2178434632344a0dfbf1153604eb1f570747a536200c910c821033b4f5abaa07,2025-07-04T12:15:26.320000 CVE-2025-24772,0,0,547afdd5349c8fcce2c64d6c10c715e5d3569a1830eade75c5bf4072200b32a0,2025-06-06T14:06:58.193000 CVE-2025-24773,0,0,b249e5165b2867fb7b2f87de8edfe0070c6d22c19362fd6848e57861d099e364,2025-06-17T20:50:23.507000 CVE-2025-24774,0,0,ed8ed015edd881dc0d20b6cd243fbd5f243c70baa478f754d8e8dfb85effe02d,2025-06-30T18:38:48.477000 CVE-2025-24776,0,0,c9ddd5a50b6ab340b7f808209038fd5f4594e33d9ce5f72a4815066c12e3c3b8,2025-06-06T14:06:58.193000 CVE-2025-24778,0,0,882f4200212085da2b27c56d01fef020fd88d760c8f828c4b6e08199c67ae033,2025-06-06T14:06:58.193000 CVE-2025-2478,0,0,1f250b1c3a01cc2aeb8f8a30a3c88313a7c6df2af4f8c1676f1452abfadd344c,2025-03-22T07:15:24.963000 +CVE-2025-24780,1,1,ebe3598a5946fdd4e080c78a1b70d45ee262abdb1c994d9eac190306a81112ee,2025-07-04T12:15:26.500000 CVE-2025-24781,0,0,ea0dd1f1efc338a8190531ba4028569aeff4169f4687c401bac25279a2c35633,2025-02-03T15:15:30.410000 CVE-2025-24782,0,0,8c372ce8320f821beaf5305dedc64260459e1c67813cc3a8d8e478a94bd72f81,2025-03-10T18:30:35.687000 CVE-2025-24783,0,0,16acaefd8445952b553e27b44c44e73c798d385c295acd08deef74497b7f723b,2025-01-28T16:15:44.880000 @@ -290710,13 +290713,18 @@ CVE-2025-28963,0,0,492635525da6d93121db7df236cc641283bff0fcc38e699d41e719d56125a CVE-2025-28964,0,0,5941c6471c783811f736b1cd6a2de0d6e846c0f5ab5d7f88d39ac0e5c46376df,2025-06-06T14:06:58.193000 CVE-2025-28966,0,0,a9a888da79337c47e1f2f230b623b8e1e6b96aab7deecf98c76f3f9f345b2049,2025-06-06T14:06:58.193000 CVE-2025-28967,0,0,8d61b8faed1e495539244f436a0e941cc255d5cbfc4f6a09c60b49cdc064b470,2025-07-04T09:15:30.760000 +CVE-2025-28968,1,1,fd76809ab4dcb3e9bc05d6ff19e038c7eca60e1a5650d3cf1775d09ef79f8195,2025-07-04T12:15:26.693000 CVE-2025-28969,0,0,d8571d342ae6a1e70e2ed662cacad663e51e62993ea4923fe828b9719d25c322,2025-07-04T09:15:31.183000 CVE-2025-28970,0,0,92881b56e6fe23586d7f4f080215a9212037d5cb3eec1d1c40819fe922f76f18,2025-06-30T18:38:48.477000 CVE-2025-28971,0,0,416d7bdfcc223a43beb11fd2a19095bda9448dc204067b8031e0e2ad965308a5,2025-07-04T09:15:31.507000 CVE-2025-28972,0,0,ceb2fdbef9f785f49da61607523e4567ff2674a64e5cbd6022403b56031ab79d,2025-06-17T20:50:23.507000 CVE-2025-28974,0,0,e17e6dc9b84000fcffa09ada9585e56145630617cef399b7f12d810b2629175f,2025-06-06T14:06:58.193000 +CVE-2025-28976,1,1,22e7dbe143e737814b2e460fcae43f33870f7644bbbdb9bffcd5ef93b708e320,2025-07-04T12:15:26.877000 +CVE-2025-28978,1,1,8e5294569f562f5d0eddc4883ca6df9d51a17e7844261283486cce162feef8df,2025-07-04T12:15:27.053000 CVE-2025-2898,0,0,47f67442cb55ba411e4669d13ef4529f1239e4e6ba72061becfb6f7e592e31cd,2025-05-16T20:02:07.950000 +CVE-2025-28980,1,1,fde1f61614e6028537af6e46d192741322aaba45c13bf42a32a7537f008c3a9d,2025-07-04T12:15:27.233000 CVE-2025-28981,0,0,bb036b80f7f84e8c41aa9257be84aaa70ba5720599d544c5ddd5af62806b9e7e,2025-06-06T14:06:58.193000 +CVE-2025-28983,1,1,03c3e13191b5cb31d374bf8938f40593b5ab3d4d1343d8b276771adc3a5ba2a8,2025-07-04T12:15:27.437000 CVE-2025-28984,0,0,9ef7f986d96117439d40b90e2fda225b43bc8fa4b7f4173f4395b7739bf2f93b,2025-06-06T14:06:58.193000 CVE-2025-28985,0,0,9bc036525a100347f01ae377d4a458e90eef123681201c669ca0c05249f59f10,2025-06-06T14:06:58.193000 CVE-2025-28986,0,0,1361618036e60c533ef72231d02393dbc213b1b36c2bad113d5bda9efbecbc7b,2025-06-06T14:06:58.193000 @@ -291936,6 +291944,7 @@ CVE-2025-30929,0,0,c88b9e1679ed61da4510f8138d576badebf813a72006d5c21c8fe44a2d3c4 CVE-2025-30930,0,0,9bf542b9de63233fd9f5d85ed07f76a70f9c52a5e16db28223227969773c9c4a,2025-06-06T14:06:58.193000 CVE-2025-30931,0,0,b875c8d500ba8afd6309c2581a84310affe8927efa1570fe516c4e65530e3e61,2025-06-06T14:06:58.193000 CVE-2025-30932,0,0,bd2f98f1d0e502b0ec1e90cccecfa714cd49fae8e66f1ef0acebbfeeed36e7dd,2025-06-06T14:06:58.193000 +CVE-2025-30933,1,1,b8102a08bceb254e9e86735e9879c7000378bb4947b03abb30a0f6ee840c7ad8,2025-07-04T12:15:27.607000 CVE-2025-30934,0,0,bd66b04ba09878dacf97f7932735e787201c499a30fbfa68898a4b22f0dd9db1,2025-06-06T14:06:58.193000 CVE-2025-30935,0,0,ca186eaa73e189cf659341c581c52f39f9d6173e5f6605fee0e7c4491aea4555,2025-06-06T14:06:58.193000 CVE-2025-30937,0,0,c800cece02855df665103857cea1e01b14dbddbab68399fc5858bde566e29ad2,2025-06-06T14:06:58.193000 @@ -292034,6 +292043,7 @@ CVE-2025-31033,0,0,840a89b6a6fca121cfba44c8138c52066a8fe2d84b54cf8217e967669e52c CVE-2025-31034,0,0,00045c692d736174347a15996f2644c271311b493b2650b7c9934fd5c24aaef7,2025-04-09T20:02:41.860000 CVE-2025-31035,0,0,5c760e02fcbaee44a22a24ae8d34d9e90e3913b6f5837b6cb83b1fc705e4819e,2025-04-09T20:02:41.860000 CVE-2025-31036,0,0,62cc9af3a9e12c32332fdab0e5c5a83ab6b53958493b4efe680877f6a1c84c8b,2025-04-09T20:02:41.860000 +CVE-2025-31037,1,1,7963ad0be448052df9d3d81b17be197e12c5d3d1b4487b35c8312e5772961c7f,2025-07-04T12:15:27.790000 CVE-2025-31038,0,0,7b5afc8e5d375ec9301ab6b724560141888b47309d5f5f2d9937b8782c078587,2025-04-09T20:02:41.860000 CVE-2025-31039,0,0,3e71e4693b497f566796572ee06eac544c71385131a6aad7b4db8dd95cd81f04,2025-06-12T16:06:47.857000 CVE-2025-3104,0,0,7baf3ae0deb4ba68c845a43b1ae9db1bf794c9bf7b07685fd4c21f525945dae6,2025-04-16T13:25:37.340000 @@ -293104,6 +293114,7 @@ CVE-2025-32293,0,0,9a78105b18f8a0c6c5de1f8fe7dabe6d94082dabce45b1c06d974558f6494 CVE-2025-32294,0,0,9398a189e417d8f1d02011e09df57d4ffe10a67d2827545633f1e29d8a0f8f0c,2025-05-23T15:54:42.643000 CVE-2025-32295,0,0,53c433306ea7dc97c36184a382b23df1b7d58def930436bb6fff2c7acee5a45e,2025-05-19T13:35:50.497000 CVE-2025-32296,0,0,55e4b32b240a3fefbe017324691d07e50cbce68d67ba40dfedaf61401ab7943b,2025-05-19T13:35:50.497000 +CVE-2025-32297,1,1,7864874790b44bc86971a82eba0475cfc424132e681c73bfdc11da628e805147,2025-07-04T12:15:27.980000 CVE-2025-32298,0,0,302f959d43cad911fa63ec1c874fdce4574abad03c10b91ff72248209ba9352a,2025-06-30T18:38:48.477000 CVE-2025-32299,0,0,49c4147c6d2449192d55c98739bc9eec8c1be87420b29ae76c69f17ee126a9c1,2025-05-19T13:35:50.497000 CVE-2025-3230,0,0,d3629a3e2161163bd15af1432474f4fcf2513cb10a5452b9803677814dc453de,2025-05-30T16:31:03.107000 @@ -293116,6 +293127,7 @@ CVE-2025-32308,0,0,2b7bec71af2d8aeb794f4d157dfc61ad4810b98ac960b587b7920f453cf78 CVE-2025-32309,0,0,72e524edceb2da5dc017c83bf8ab60e46c6fe45eb184ab0349a1ba415921a900,2025-05-23T15:54:42.643000 CVE-2025-3231,0,0,7fe259e10bdefff2f7d2cc360ec09abf1ea1f8d9711a4276861c2a354dc3b16e,2025-06-05T05:15:23.977000 CVE-2025-32310,0,0,c3b2568a49d7a011e3cbc9748557e58f0519995b3a6735845f843c0d6b6482d9,2025-05-19T13:35:50.497000 +CVE-2025-32311,1,1,66902e9308b8ff4ed8b5285e97c96281e1ccb8dede092a58a49a65bd3fc68a1a,2025-07-04T12:15:28.163000 CVE-2025-3234,0,0,70e8f52beb03455c50e84ca367316ec0117a47001407b94db1600acd985ca8fa,2025-06-16T12:32:18.840000 CVE-2025-3235,0,0,bf02e56a9b2acdd9197c016e355d3cdfc496d77110cbd9f5fcadcef4a0003d66,2025-05-16T15:43:09.640000 CVE-2025-32352,0,0,14a2251916c9246fc3d185746736b75fd36a375e4aafcddd19d832e612b92a9a,2025-04-07T17:15:37.147000 @@ -294783,9 +294795,10 @@ CVE-2025-38170,0,0,b1c7a8a686598117d579b49c36f9dfc246d7a85968e3d1a72aefa82f6c379 CVE-2025-38171,0,0,f95ca611844b95f0e39fc19384d1f57607907420bdb1ba713608796f09aa12b4,2025-07-03T15:13:53.147000 CVE-2025-38172,0,0,4e4ef42ded411831bccf5529f0771259168b8156cfe0a02454e114ddbe450929,2025-07-03T15:13:53.147000 CVE-2025-38173,0,0,08731523179cb799e2a4113c4ef77bca1b93441f06e50936252e763ad3448f15,2025-07-03T15:13:53.147000 -CVE-2025-38174,1,1,53a3c9dd9ce1ec8953cc61fd4aae35565f1e3a756f2c47cb0e4065d2908e9a78,2025-07-04T11:15:51.283000 -CVE-2025-38175,1,1,5f50123915645cd66f3e27a556e629641b60ee389607f24a58fe01e82d4bc2a4,2025-07-04T11:15:51.420000 -CVE-2025-38176,1,1,1d76865b3abcccf11009f7e60898387d9095aa3651a6c61a1f0472558a222c04,2025-07-04T11:15:51.543000 +CVE-2025-38174,0,0,53a3c9dd9ce1ec8953cc61fd4aae35565f1e3a756f2c47cb0e4065d2908e9a78,2025-07-04T11:15:51.283000 +CVE-2025-38175,0,0,5f50123915645cd66f3e27a556e629641b60ee389607f24a58fe01e82d4bc2a4,2025-07-04T11:15:51.420000 +CVE-2025-38176,0,0,1d76865b3abcccf11009f7e60898387d9095aa3651a6c61a1f0472558a222c04,2025-07-04T11:15:51.543000 +CVE-2025-38177,1,1,ce355b67eb26bef076b6442ea21fdee9dec2f5cf3d36e312374ee949d4b76257,2025-07-04T13:15:24.033000 CVE-2025-3818,0,0,3c16ac735bef611f4f7a003d7e8df6e629fdba89dc0e50dd09818ffaf2dc408d,2025-05-29T14:15:36.833000 CVE-2025-3819,0,0,316fcf62ccd5dbea2c470e70addfcde222849a1bd463811716c3a6eeedb126a1,2025-05-14T13:23:57.713000 CVE-2025-3820,0,0,34e78ee07c727e4b7e6e73a0185d4c76251684a3fdeed8adc4204415923e2fbd,2025-04-21T14:23:45.950000 @@ -295042,6 +295055,7 @@ CVE-2025-39481,0,0,ffc38075b9c9e137d0a9f220b07f654268d9b6b192ff077aaa96738d747f3 CVE-2025-39482,0,0,f44ca390a511cc4fa9864ad222a12fd65c81c88e214777e055d5294de44cc742,2025-06-06T21:54:00.823000 CVE-2025-39485,0,0,70335b3403cfdaaf341612abdd2f1cd24b67724d9af1078263285d5edb296bf1,2025-05-23T15:54:42.643000 CVE-2025-39486,0,0,1a5bf0d54b393953a2981b7d722be529e2899f1eb7efd4bc047395019cabf8ac,2025-06-17T20:50:23.507000 +CVE-2025-39487,1,1,061fbb607f28d5a0bb8e103f5d48bb8717076e158984d2e348743368d7e0f4f5,2025-07-04T12:15:28.353000 CVE-2025-39488,0,0,632999481930c08854f29c3aac16c1691ab347c034a3ff2179fc0cb8b58cda1c,2025-06-30T18:38:48.477000 CVE-2025-39489,0,0,b80eceb8e17f53f167eb1f01a46351e47168a0eeeb436f1c1624f43d9e9a40e7,2025-05-23T15:54:42.643000 CVE-2025-3949,0,0,168e2abe66849b76f108d2275699dc7aa3f34d482497d50c4cedde8b889e7a83,2025-05-12T17:32:32.760000 @@ -295929,6 +295943,7 @@ CVE-2025-4412,0,0,8c8c59397117a84a167d36fb79f68c5cd99b79261327a1fb082cf24faee6cc CVE-2025-4413,0,0,61cf4ae74dd1877b470f2b4f5c2f8b7d6825e0d478eed1e554284b17cfa549ed,2025-06-18T13:46:52.973000 CVE-2025-44134,0,0,45b85d904dd860695476948041d246707a0696d9dc7fe9b405a5e27a85d44980,2025-05-14T13:05:17.200000 CVE-2025-44135,0,0,e8d32c865e9ccdb8b63503c21fad4c48843876d5709a3df063410109f034ccc9,2025-05-14T13:04:58.830000 +CVE-2025-4414,1,1,221c6e0a0804453fe8b27029d24cb5280cb8f036dd1aabda2d76a914ac2e058b,2025-07-04T12:15:32.617000 CVE-2025-44141,0,0,1b640fec5b67675dd6c48e39ace9ed93416eeec7d96ebdef4175bdaef84aa0ca,2025-07-01T16:03:07.920000 CVE-2025-44148,0,0,440749a71814d76edeed70dd30fc58f3e0b75eaee931968ee8c88b7d1e24e11d,2025-06-09T18:04:33.580000 CVE-2025-4415,0,0,14ae76cc14cb7c5f3c4c963406f20e07ac9834ebdb3d6a3c4d84f73bfd11e915,2025-05-21T20:24:58.133000 @@ -297154,7 +297169,8 @@ CVE-2025-47475,0,0,419116b80f7fe9386a9aac3c0836858ef647ac252eac4b1ff08d67e0a3375 CVE-2025-47476,0,0,f06946c9db65910277eefdd02a4e277fdae7c5884111c0fe22a4a0e5abb63365,2025-05-08T14:39:18.800000 CVE-2025-47477,0,0,77da2db11e5826e5ac8b7646c2ab3c2664e4f15f6b958d535ab609737d59cbfd,2025-06-12T16:06:47.857000 CVE-2025-47478,0,0,e6d6adb3b1616923ef0638df6a5bba4a6a66b2f12e5e8ad860cddbc43d60dfda,2025-05-23T15:54:42.643000 -CVE-2025-4748,0,1,d72b1fc830074b164b8acb25ed3eaab3cb637a77bda96fbcf4a4f78a30586787,2025-07-04T10:15:23.127000 +CVE-2025-47479,1,1,615afe1b3b815594c76d8b7f5cd63272f49df020e558275a50ea30eeafa0e272,2025-07-04T12:15:28.530000 +CVE-2025-4748,0,0,d72b1fc830074b164b8acb25ed3eaab3cb637a77bda96fbcf4a4f78a30586787,2025-07-04T10:15:23.127000 CVE-2025-47480,0,0,ef5cc5737d0e088e76573f050c6e079a8e6e4769a34e7600bd175867d6608ec8,2025-05-08T14:39:18.800000 CVE-2025-47481,0,0,9dd0d7411f22176e27723210f288403628c90f1234e60ae0d0856344023dd406,2025-05-08T14:39:18.800000 CVE-2025-47482,0,0,961d8ef4753c50b36e4d7feaf8debc74b4e022889d69dcdb4a7b418fc8bebc1e,2025-05-08T14:39:18.800000 @@ -297218,7 +297234,7 @@ CVE-2025-47535,0,0,efb928a78fd100590d3f216ac98a70ac07ad42a00a82415ffb8ae51dc6f07 CVE-2025-47537,0,0,ec99457b56cbb00305479743e07a55f5a22c2d4fb689ff948519b19e18d85b8b,2025-05-08T14:39:18.800000 CVE-2025-47538,0,0,14ba1016f0e3a65098eafca0592f72eddcd029d8a2d7aad5d253065d3c462cdb,2025-06-09T17:02:49.720000 CVE-2025-47539,0,0,c3761e209ddba0b551c2e657f393922bb50271a7d4f01fd27c8f4c7638d0081e,2025-05-23T15:54:42.643000 -CVE-2025-4754,0,1,857f05255bd8de93543e27d17c69c36bd015f3ab132b8e60cba88ed63b960c73,2025-07-04T10:15:24.080000 +CVE-2025-4754,0,0,857f05255bd8de93543e27d17c69c36bd015f3ab132b8e60cba88ed63b960c73,2025-07-04T10:15:24.080000 CVE-2025-47540,0,0,55d8d4a206487308d2f526fcb2868faa0ebb095c5ddaf1495187adbed1e3dca2,2025-06-09T17:04:28.477000 CVE-2025-47541,0,0,abfce1eefeffb0429ea17dd63476994eb46b97459479258fa484aeb781b43a2c,2025-05-23T15:54:42.643000 CVE-2025-47542,0,0,1b8b0dfe2acc7592714b60ac74c401c771cb1a6a316e5848101e603d1cbc03e9,2025-06-09T17:05:30.240000 @@ -297242,6 +297258,7 @@ CVE-2025-47561,0,0,8b050526c8237fe36193e74cf309358734a02806bb21757e1cf72a029c892 CVE-2025-47562,0,0,879496304ffa94481070c08ba70f4beeb80850bcaa0cd491262f65c2fe9f8f35,2025-05-19T13:35:50.497000 CVE-2025-47563,0,0,72acd05048e66bf43174d423048963fa4336cfd5d05a950e28ccf6a586953f28,2025-05-19T13:35:50.497000 CVE-2025-47564,0,0,758c7c233976a079425cfa725a742dd6e7231873de27eacf12a1e47dc13257f8,2025-05-19T13:35:50.497000 +CVE-2025-47565,1,1,8b16b5c755075c3dcc98667be5e0b1272b5f8108f52b520047a7220b1bb94e13,2025-07-04T12:15:28.720000 CVE-2025-47567,0,0,8bd59bb6ff8c472a7ea16c76eaaa9fb8be8e5bf93dec95aa6197eaff663abf08,2025-05-19T13:35:50.497000 CVE-2025-47568,0,0,816122bf6ee3258a91c70b57c27a64864503daf9f011fa2dfdbf1808df01ccc4,2025-05-23T15:54:42.643000 CVE-2025-4757,0,0,aff32a5dd8531f1cf16b47f2eaa3e2f3dcb4fa067452c943f1a1e24c22fb61c9,2025-05-27T19:49:21.437000 @@ -297300,12 +297317,14 @@ CVE-2025-47623,0,0,adb1ced070dea01b2e40fc59b84823c3de3af7a1cdf4dc4cba34ff48b6ead CVE-2025-47624,0,0,3dbfa0dab0132de797c9a5cab8ee76ac7a93263d3ebb72f7a44909996daa6ae3,2025-05-12T20:13:02.450000 CVE-2025-47625,0,0,b879c66726c7cc8f91a62e5cada6922da2027387107c601a854ac60f809d11a1,2025-05-12T20:12:01.663000 CVE-2025-47626,0,0,bf88148a7c502f96131b60b77588d57b9b40344b978f3b708b521e2614a36d54,2025-05-12T20:11:39.513000 +CVE-2025-47627,1,1,5fd600955760d79ff9ca897e818c88517f566fac41c0fc13577245730938bb0c,2025-07-04T12:15:28.917000 CVE-2025-47628,0,0,3a352204d5e4cc12d5ce2e2e1ea3da85e25e0eb47c6bbea20c8b5b637fab879d,2025-05-12T20:11:13.080000 CVE-2025-47629,0,0,68608bf59b09b45aca1dd6b501b7a877b54d1b0c440b69b9904797f74442993a,2025-05-12T20:31:08.413000 CVE-2025-47630,0,0,f790609ceecba739ddd28929a03ce3e7133470ecda92675205e840ef8b22ebf4,2025-05-12T20:00:07.693000 CVE-2025-47631,0,0,12034c51ff11737e86761439c9b9dd9575d84000baabff3044b7eb2f26d9fba4,2025-05-23T15:54:42.643000 CVE-2025-47632,0,0,ee2719cb952cde93b033c00cf78ab6f3291285f0dd8209ef8af4b77a88946ad6,2025-05-12T19:59:39.963000 CVE-2025-47633,0,0,fe0fc967b6a437fc51271e1790c541fcb665c108db49d6bb16969242bddb37dd,2025-05-12T19:58:40.697000 +CVE-2025-47634,1,1,c6b1d110661276605da1933fb0ab64363540b5164dca315fb3a12b7eca92052e,2025-07-04T12:15:29.090000 CVE-2025-47635,0,0,2d332eb90b47618ac710d319d79594887a0d45990abd9224e46e68d15f534de4,2025-05-12T19:56:54.593000 CVE-2025-47636,0,0,ec0e283d6103bb393c29402697250981cce8cea83f07c93c3c7a0090b2e210ae,2025-05-08T14:39:09.683000 CVE-2025-47637,0,0,57e63b481c7b92bcd190b336ab47b8c4dd17f9a48948c3115cee252776f48397,2025-05-23T15:54:42.643000 @@ -297635,6 +297654,7 @@ CVE-2025-48147,0,0,d66fc5f0d4a515039630f4bce27a90f7dd008308f73336ecb1c7033f2767d CVE-2025-4815,0,0,31cc1cd9ba179e2e20111ed224a5d1f55b5f28081bf7ef82d4c48c2315ce9fb6,2025-05-28T17:08:54.983000 CVE-2025-4816,0,0,1d7865e0cbbb0c318cb8ea40d3a767abd03ec76e1a6022bd94025fd37d41588b,2025-05-28T00:59:43.940000 CVE-2025-4817,0,0,f265475ef28de63b3868387a0ba8131291fd27201dee770829df62b575e6a51c,2025-05-28T00:59:22.280000 +CVE-2025-48172,1,1,7bc50b9f72948fc8edcf450c1cff239f4b362a5df806a1747f0d966fd88cd60a,2025-07-04T13:15:25.453000 CVE-2025-48174,0,0,c3e8083f71af16819d1dd271b42b6299c82ce55401fe37929ced2b9ea25ef1fa,2025-06-04T20:02:37.147000 CVE-2025-48175,0,0,c27d60fa36a5115b45f4438bfaf90b1bca9400541c8b0eefea9c65d281f833e1,2025-06-27T15:21:28.030000 CVE-2025-4818,0,0,46d731a7fb69ff2dcbbabe2b3a403a7f0fce04438dcb8f5cef1cb1fefa0dfdd7,2025-05-28T00:58:53.250000 @@ -297653,6 +297673,7 @@ CVE-2025-48207,0,0,76c33189882fc278de738df7a6b1dc2c788c6db5fb8f29781ff8867125eb0 CVE-2025-4821,0,0,92d368bfa18cafd9d05ab7b7ed7a6b97809179bd232f0c3ad9a1c2953edd3a1d,2025-06-23T20:16:59.783000 CVE-2025-48219,0,0,98450c06dbf29b24b552934a30418d25f24643ea5ccfd103ca30ed143612ddbc,2025-05-19T13:35:20.460000 CVE-2025-4823,0,0,283f31f86f82bdb204520c6735b8d24ab48777f5f8963f659a2cf1ed36292c4c,2025-05-23T15:48:37.327000 +CVE-2025-48231,1,1,3243a1c08fbdb148b972cc684caa08dbcbdf7095ea97e5fc007d873d265138f7,2025-07-04T12:15:29.280000 CVE-2025-48232,0,0,80ff2e8338291ebd304eb653c59213914ff7845248a459b3e90f05de1679bb9a,2025-05-21T20:25:33.823000 CVE-2025-48233,0,0,a70aa48121179191c73aeba86b3a3e5f6d9ae6b94ea09863a6836bdeb088521a,2025-05-21T20:25:33.823000 CVE-2025-48234,0,0,de1834686011353e4f79735587df8299d0afcaa9c087afc26be22ac4627cd62a,2025-05-21T20:25:33.823000 @@ -298042,6 +298063,7 @@ CVE-2025-49067,0,0,691f1062539c729cb34ba7b80fbff1950eab310a0c7af6dba9c9e83b1bdcd CVE-2025-49068,0,0,3797c73d2b9edaa67883a9553985689bdbba75f4cce7b860c4953ec6ac0de3ac,2025-06-06T14:06:58.193000 CVE-2025-49069,0,0,85c17ca27d4707197d4656ead7a2d4a3e357783b382cc504f2810ab6c0682e62,2025-06-04T14:54:33.783000 CVE-2025-4907,0,0,faa33c63c7cecd77dfa79228df8feba1d9b9297d2893ae52af491eb90f07f770,2025-05-21T17:33:11.603000 +CVE-2025-49070,1,1,7ae7d50e458d36d3a7e6b09e87ecdde59e9658fdc5445d514d8d9a3f75528809,2025-07-04T12:15:29.460000 CVE-2025-49071,0,0,d7a0ea69c2b4bf7e36f0a3ae852834b6bd341eece32f276513a046bcc4ecf024,2025-06-17T20:50:23.507000 CVE-2025-49072,0,0,cc91acb325984d61f014d985d75bbf7e0e9082962c9e96f3405c74646c593528,2025-06-06T14:06:58.193000 CVE-2025-49073,0,0,1520b38b23f181db334ec4a13a2dd7df7cacf51643f5e8d527931755cb4ee618,2025-06-06T14:06:58.193000 @@ -298164,7 +298186,9 @@ CVE-2025-49241,0,0,2f8ca8f8925b1656c1a0c236c2adb9bdd822c30cbb9a4e4329769edc63780 CVE-2025-49242,0,0,bfc4a3cd1ebb15c16b40a39a81f90dfba810f74df400953fdc841286fa11ae74,2025-06-06T14:06:58.193000 CVE-2025-49243,0,0,be422389f0f23c085e3118430a7e87786f59ff770e2372311a2fd00743ac9058,2025-06-06T14:06:58.193000 CVE-2025-49244,0,0,9c68afdf7b0277569dede9f63158f2c34887b825bb13712e05b1b911771e3db4,2025-06-06T14:06:58.193000 +CVE-2025-49245,1,1,e39137fcd71ab8c192d7933bfd51df0dc79cfaf8504f4fdfc77de39d5c489b0b,2025-07-04T12:15:29.677000 CVE-2025-49246,0,0,c4f00883a12b7639ec4f097be449bb342bd0c987bc06f581d137de0d958bd000,2025-06-06T14:06:58.193000 +CVE-2025-49247,1,1,b1bdd2f3c645ad431aff3fa0a24e20768434d57f6918defadb9b3cd77eeb0578,2025-07-04T12:15:29.970000 CVE-2025-49248,0,0,db1641a9d43ab4f081dc759f5beaf5cd220fbde11ca36fb8965e1fb35e92f72f,2025-06-06T14:06:58.193000 CVE-2025-4925,0,0,c7c7b57edd485a39535f310e5e884e623df880c83d50cc9504511597c6a8f4a8,2025-05-21T12:58:28.507000 CVE-2025-49250,0,0,427d3d2370ad4ed43da6ad5bd181602d6f79f8a5d6eb3d4e04409b35d996f102,2025-06-06T14:06:58.193000 @@ -298190,6 +298214,7 @@ CVE-2025-4927,0,0,2750a792f3319584debfa65553b14ad85f4e2aa32076ab9798f492c480349e CVE-2025-49270,0,0,e8f873097abcb2d7ec34af1f5af5f329365db5f98f8d71b00b026f39e6c86d90,2025-06-06T14:06:58.193000 CVE-2025-49272,0,0,0223ce7855dd053f73ca5207582b78d94265515445b553316bae9fb5bbe6c2c5,2025-06-06T14:06:58.193000 CVE-2025-49273,0,0,453f97c5e2432cf4d96c04a3f9b9508448408e0f16b514e0f12be518fd3ced92,2025-06-06T14:06:58.193000 +CVE-2025-49274,1,1,c47e98615623d0b3436894750cda778b58b9503b58501b40792db0a27599711d,2025-07-04T12:15:30.150000 CVE-2025-49275,0,0,dbab4602ee2f48cdaade21f33ea2a245a178ba294a7989698a181ee14d8135b3,2025-06-12T16:06:47.857000 CVE-2025-49276,0,0,ce1935cbdacf71ebc0f030671ca560d22889db5010511583b5cc0037d4678785,2025-06-12T16:06:47.857000 CVE-2025-49277,0,0,f9f318632f85b97a9b391fd3b791134d0b2f9f4c1eb90fe4741410b755d21d1c,2025-06-12T16:06:47.857000 @@ -298219,6 +298244,8 @@ CVE-2025-49298,0,0,073584eaa855bb4ff156a1a6719d633957fe08f33dad454fd79ef7434ddc1 CVE-2025-49299,0,0,9b2bf1000ca705203f3e6ae9b05fdf6cc3eab72aeb70dc1a3fe97834f5f25dda,2025-06-06T14:06:58.193000 CVE-2025-4930,0,0,1d8aea9f3773d4505d618710791bd7bfa563ad02d1fc1ea6085e41b2b87bbf2c,2025-05-21T17:43:31.997000 CVE-2025-49301,0,0,86cb4f8acdf19a6599b96dfb9cc403588373b414144be21a67c9f2d273770a3e,2025-06-06T14:06:58.193000 +CVE-2025-49302,1,1,2f67239e8605e5ccc5ba142f478b1f40065b33de8990d6382abc6df657a0fb9d,2025-07-04T12:15:30.387000 +CVE-2025-49303,1,1,93007861c40bdf680e0dbf24c3725448af6a1ff061fbc7c0fed7029dd36064d6,2025-07-04T12:15:30.623000 CVE-2025-49304,0,0,71574b6a3f2d73836fc1fa830da690db23390a1ed2f0b605e183be288fb555fe,2025-06-06T14:06:58.193000 CVE-2025-49305,0,0,01c7b04cb3780a2d125e224028e4607a8e9e800f0ca0370b769c30081e8a05f4,2025-06-06T14:06:58.193000 CVE-2025-49306,0,0,dad0197fc4ad72912c31a8ac6d742d8be718822a2959e5494bcbb0cd92699791,2025-06-06T14:06:58.193000 @@ -298261,8 +298288,11 @@ CVE-2025-49385,0,0,08b6abe46012b430a7b2b7a4e0a93650ba4b318c27af93fa16b24ebb9ac04 CVE-2025-4939,0,0,5ec31620a920403386badd8ed8c9ad70156a6e4853cf1462dcd01754dc60b7d3,2025-05-28T01:32:20.263000 CVE-2025-4940,0,0,260d8b62a32cfda7d1f9cdbe4bba3d30912c7644fed6c87e919fb1700ed93983,2025-06-12T16:24:13.067000 CVE-2025-4941,0,0,7ee6643b2dca5855a4c8910cf9fb3433ecd0901f54d071fbb7ffd69250830b9c,2025-05-28T01:31:03.773000 +CVE-2025-49414,1,1,60cdf774051915c43d1804468ca2c61ae601825c8fd0140045a8877ebe17331d,2025-07-04T12:15:30.817000 CVE-2025-49415,0,0,68566d7977c1215376be0012202fa62cf118a6497fd62b530424bc30f9fa3712,2025-06-17T20:50:23.507000 CVE-2025-49416,0,0,1aaf23a00d8c1d182bdcea4548893a2f9639f93e1cd838fc6136c3fcfd778515,2025-06-30T18:38:48.477000 +CVE-2025-49417,1,1,786668c696a6bca05cacb4babee705d702e23efd7cb3aeedd544c421f5735f94,2025-07-04T12:15:31.003000 +CVE-2025-49418,1,1,2645c7c6dc863ee61bc37103a133e3dc2753df8ba7b7e230450a02147812232e,2025-07-04T12:15:31.247000 CVE-2025-49419,0,0,85038d062ad76809afc89d292d3481b55710d3abc066574e74740256fb04fd24,2025-06-06T14:06:58.193000 CVE-2025-49421,0,0,44f56b132253671d91321e10d79bc87df372212fcb6d1bb27ad166d07a72fc32,2025-06-06T14:06:58.193000 CVE-2025-49423,0,0,ac6ee00f85c55473ab88bbe3e5c40945dd96a0fec218aa704824bc0b0ffc740b,2025-06-30T18:38:48.477000 @@ -298270,6 +298300,7 @@ CVE-2025-49425,0,0,e1fe97c376de5a4e19ac419b1615599b7ee42807d954ef5670e99aa67f018 CVE-2025-49427,0,0,fc8aa2cea4178b9be9c92854da4245673ac0828517420b90ee0d5a6af5e8695b,2025-06-06T14:06:58.193000 CVE-2025-49429,0,0,72e428471408646b43b87d752d84f4119c531c2054284b1fa2ca291913599aae,2025-06-06T14:06:58.193000 CVE-2025-4943,0,0,4340407097d641a732a3d64a65d30b42dd912a533e30289b536536d0a1b67ff5,2025-06-04T18:31:24.923000 +CVE-2025-49431,1,1,e253dbe816eeb412a544244e797f17b31f15a388687846ac846f9db942e5ad75,2025-07-04T12:15:31.537000 CVE-2025-49435,0,0,3d125ae356818fb0441581cec3fec2e504fbe1aa0a55596b773f33955c684bbc,2025-06-06T14:06:58.193000 CVE-2025-49439,0,0,2ce45d011a214293b10c77cabcaa7af3e67891d083356380452c41e41d5e5922,2025-06-06T14:06:58.193000 CVE-2025-4944,0,0,9a1f50eb597824061a4527d790f3f67b01a7246be2339b95cef835a527892fed,2025-05-30T16:31:03.107000 @@ -298383,6 +298414,7 @@ CVE-2025-49795,0,0,4c770467268ebf148fa0f28383caf66af5bf08e634296e0cb4c455afa6e9b CVE-2025-49796,0,0,c3ae5367828207e03498fac8ae67ddfb08b0af4ece3b2500316915ff59e84375,2025-06-17T20:50:23.507000 CVE-2025-49797,0,0,13aa17d1b7e46eec0802f65578a147baeb08c4d0e59385ea616f044fa893e802,2025-06-26T18:57:43.670000 CVE-2025-4980,0,0,b34e85986066032f97fe34d8a927fed77ce8edee3293780d83eab3188141a736,2025-06-12T16:21:08.950000 +CVE-2025-49809,1,1,05afb440f9c7e95a0582db292249f7fda06194ff2df4cf4832f725380720feff,2025-07-04T13:15:25.780000 CVE-2025-4981,0,0,f5c12859221db84c36da0cdc2f5b3b0d709a62c17786be42789bf52dcdf30cf8,2025-06-23T20:16:40.143000 CVE-2025-49814,0,0,cd4c594b4458e6b3d192baa2131b995abe59dca872f59a22339c83ab6246bc09,2025-06-12T03:15:25.863000 CVE-2025-49815,0,0,ab5c799920620d5e4f9d9b43a2af946d17b69db748ce4d8b6a328cb8d7b9eff6,2025-06-12T03:15:25.930000 @@ -298423,8 +298455,11 @@ CVE-2025-49862,0,0,c57d66f3360ff94a32aaae18a3136ddf56ba33f516839a4fbea6b0b4838ae CVE-2025-49863,0,0,33d363d611f4a23538284642c2f354c246bfbe9c2d607879460ff587d1582933,2025-06-17T20:50:23.507000 CVE-2025-49864,0,0,f4d99355cbde1325d5c5300e8f3976185ab97a4efc2f71fc969c06fce2650686,2025-06-17T20:50:23.507000 CVE-2025-49865,0,0,fd43c315c334cbed70e22444f01a5755f065bda6205cd6f49d0a663c04f8ee07,2025-06-17T20:50:23.507000 +CVE-2025-49866,1,1,b350816897525b3daf8b1f1673dd78348544d07013e8e08eda9af8473a7acdcc,2025-07-04T12:15:31.837000 +CVE-2025-49867,1,1,ec3b7607695f8885600cdf84b37ac68402a02edd0126abde3b148f43f70a70f5,2025-07-04T12:15:32.123000 CVE-2025-49868,0,0,1efdc8ec75b3e93c0086b5dec13caab2556f551947c6bb31bb9fd73281ac625e,2025-06-17T20:50:23.507000 CVE-2025-4987,0,0,c7c39e2e9c9954a29f9a19f48f2a034a7ab3e4a411a4b09beb0620c0b311c40d,2025-06-16T12:32:18.840000 +CVE-2025-49870,1,1,d81b36f65b58f1c31d759bbd68f95a6eebf457a9f9031d33f968153b54761b87,2025-07-04T12:15:32.383000 CVE-2025-49871,0,0,b46953d51d788141ab3b29c3c372f0efdf374585e34a46f34bab62d6d8b0c39f,2025-06-17T20:50:23.507000 CVE-2025-49872,0,0,3b72d42b2f95e19a70f5df8c35477b8cc592ccd1ae421a64f8ff4f702c32e028,2025-06-17T20:50:23.507000 CVE-2025-49873,0,0,ec0de8a610b7b1335f676701fcd5309b682b4282a02b7518b9d450a5cd7317bf,2025-06-23T20:16:40.143000 @@ -298506,12 +298541,14 @@ CVE-2025-50026,0,0,f144377a6f3d80f4679b8641c9c0cf5283150c7cdc5692c46bc7601017fea CVE-2025-50027,0,0,6d7cc969637ed42e324eaa862533467ea52c1e0dcbe8b9f9f16b161f19fbe49f,2025-06-23T20:16:40.143000 CVE-2025-5003,0,0,8e5e1d9761ca938d3fd35aea708db39277e66b20b656a3195e150358582db8aa,2025-05-28T01:24:21.800000 CVE-2025-50030,0,0,89bfbe4c17c851c202dba786fd8437943f46e427786a04cec8555b668cc43104,2025-06-23T20:16:40.143000 +CVE-2025-50032,1,1,f2b8ebd1853122087a4329fc29fa60de8945ec9e5c2b66574ef8258e10666cac,2025-07-04T12:15:32.817000 CVE-2025-50033,0,0,2738b34f7e3c15101342ce0f4e2a966f0b068e0dd660f08772c609a1813c9d56,2025-06-23T20:16:40.143000 CVE-2025-50034,0,0,addb1cfbd7b325cad895eda16871ef70e873e2a759ed635201cbacff36d11441,2025-06-23T20:16:40.143000 CVE-2025-50035,0,0,259a0180bffb3f46d0c16152cae0b4746fb5fd8600268a21ccf1f39e35a84572,2025-06-23T20:16:40.143000 CVE-2025-50036,0,0,6cdfbb31e33212ff818c6e01f46a41907a59eb679342cccab7098fc2c14bec41,2025-06-23T20:16:40.143000 CVE-2025-50037,0,0,89aa41c8daf5e7e3a3bb662a9aa347d31a83ddd9aca499e045972bb3f7e60819,2025-06-23T20:16:40.143000 CVE-2025-50038,0,0,dada3ffbdfd0a70280f428f92e0331fd06f7702c8363d1ad8ff6393fedeb24ea,2025-06-23T20:16:40.143000 +CVE-2025-50039,1,1,627e4f971518e2a4a7e66b01b8d8f3e461856f53f2cdb9e26a54c64ed0afed9d,2025-07-04T12:15:33.017000 CVE-2025-5004,0,0,d7fd9b6c8114c9ac860c14fa88897684c73b2b8251dca41c12cda3a8ce9d421c,2025-05-28T01:20:50.517000 CVE-2025-50041,0,0,75f6e6278f11856523198053842ec1e104e24492e82d9d573f3f8a4e0971895e,2025-06-23T20:16:40.143000 CVE-2025-50042,0,0,6a00085703c918228f1e392cb0cedde720e1f4f0c99bb957112e06c0e32bb773,2025-06-23T20:16:40.143000 @@ -298834,6 +298871,7 @@ CVE-2025-52711,0,0,89905531ab9ffc8f95c007eebb988a86cafda84726fa0a1e8a67963e52646 CVE-2025-52713,0,0,dd903bf26897039ff2663d3fa53844a1463ba8229d49746f6dc30423c84667ea,2025-06-23T20:16:40.143000 CVE-2025-52715,0,0,a4815f001b2ab15993c3ab0dbb5671632e88731698b4eae1f2c32fc42830020f,2025-06-23T20:16:40.143000 CVE-2025-52717,0,0,08af7c95982a241bd309ceada869c66b69693c4ab91aa3522e39aca35fad1aa4,2025-06-30T18:38:48.477000 +CVE-2025-52718,1,1,a314fc7a063fdcd9a0ae380b3722118b5756e1a878728075980056b6b2244223,2025-07-04T12:15:33.197000 CVE-2025-52719,0,0,5255f49aee70f7be6419c1cdeb90569664f1a4ea7bb1bbf43ecce1b8104ccab6,2025-06-23T20:16:40.143000 CVE-2025-5272,0,0,b1d0c7e19ac36597fb989e72bcee09751441797b45636fb052ca12e726df56d9,2025-06-11T12:15:28.840000 CVE-2025-52722,0,0,67080dc3c7ae0b1e5a6c40b4728875a6c5c039edd8a9b90988e8ed70e1b52abb,2025-06-30T18:38:48.477000 @@ -298850,6 +298888,7 @@ CVE-2025-5276,0,0,39d67915dab7ad2300f3ccd3a288fcee1075e32b914c45ad140eb6b7725be5 CVE-2025-5277,0,0,ba5aa3a145e9e2e34ac18c63e7fe60e94ac49ba4d7121cc0bc36eebe3309abbf,2025-05-28T15:01:30.720000 CVE-2025-52772,0,0,deb02b2d983c296f8b89a2559d4d4f189f1c6c676131c9feadcc246a08a5cc14,2025-06-23T20:16:40.143000 CVE-2025-52774,0,0,de771a5b10a99171a6970cc2eda061e856ddfde2b5144a0771c7c0ff4baad63d,2025-06-30T18:38:48.477000 +CVE-2025-52776,1,1,ccd61e3d4e9a841186d0d8174e5e05d107b436e4c2d43ad98da3139a85d68fa0,2025-07-04T12:15:33.370000 CVE-2025-52778,0,0,9edf1af608066a282b94a63bd066e5d09838f79b8a975aaf7daa048d884d03d6,2025-06-30T18:38:48.477000 CVE-2025-5278,0,0,1a1d872b476a4e1ede71f599ba5ea7954cfb91958da7bd7ccf42fc9ce864efd1,2025-05-29T18:15:24.290000 CVE-2025-52780,0,0,beda9d0e83d0e69352f6224f37e355d5bbb032dccdf392d8666399c5db09bf24,2025-06-23T20:16:40.143000 @@ -298865,15 +298904,20 @@ CVE-2025-52792,0,0,54a43e5c19c532f6b49f3b5ecdc987ba818c53d017f06190cee2cbed041fe CVE-2025-52793,0,0,1cecd933b153bc60d3b7b2eddac537905bfaa72ae4b2b195599beb64ec31374e,2025-06-23T20:16:40.143000 CVE-2025-52794,0,0,502cc6110b8b76b562cb28e051a1f9b818d5407c3da5396bd730f9e6d63ac1d5,2025-06-23T20:16:40.143000 CVE-2025-52795,0,0,11006411d1510cee1a98b263384d48fe90a25a6ec4d2d4cab3514b4f857e57ac,2025-06-23T20:16:40.143000 +CVE-2025-52796,1,1,25fc1e9c6e634083b1eb608c31100e28f7e72daff78c1a732e91959ec628e270,2025-07-04T12:15:33.553000 +CVE-2025-52798,1,1,643140ecbd7cd15d9b588c9498359b9a77446ce57111dba13602912a7e3d5b95,2025-07-04T12:15:33.737000 CVE-2025-52799,0,0,f5028a24c09763007e3eed281487ce93df81ad20935db161b5fa934774a40839,2025-06-30T18:38:48.477000 CVE-2025-5280,0,0,3c6af0d30a51ecb706066ad212af1114fdaaf7f2415af1fe946985167145905d,2025-05-29T15:50:31.610000 CVE-2025-52802,0,0,3bbd213c305ded541c93d6153b658373bf8ce9d75ca7fde959b797d174cbb307,2025-06-23T20:16:40.143000 +CVE-2025-52805,1,1,63f698b157cadb312d9d1075d582f16ef63c04bbe38b6939a0eec708774f9365,2025-07-04T12:15:33.927000 +CVE-2025-52807,1,1,059cd16f2ea6a9d24d0fe162b829d3eebf3af0ca661385dbe5201903bd168cff,2025-07-04T12:15:34.107000 CVE-2025-52808,0,0,264722595e6ba27b9065f53ef1252aed986d07a4d8107331608224f4bdea61d1,2025-06-30T18:38:48.477000 CVE-2025-52809,0,0,e0db976f97863e8b90579de6742f8b0830cbc45669f6a22ccaa6edaf8948051e,2025-06-30T18:38:48.477000 CVE-2025-5281,0,0,4065baa6ec2536bda486e7298d71ac521380ba5a3be043da1b14156c61e3ebd6,2025-05-29T15:50:25.993000 CVE-2025-52810,0,0,3ef536ab5644db36bed36f9f57e290b83410a91ac339a870d244108bfe704521,2025-06-30T18:38:48.477000 CVE-2025-52811,0,0,88916380a5b0bf5d3138e345d9114c8701bf92cb923bb701ee3b1bf810fcd1e0,2025-06-30T18:38:48.477000 CVE-2025-52812,0,0,274d283096e469aed47f3651aad592ca1448ad0aa62da5d9be96fd2940c87f44,2025-06-30T18:38:48.477000 +CVE-2025-52813,1,1,dde41392f77fce1e2a3ba3c76acc57662ba5d3c903ec3cddcbec6948c8ae5391,2025-07-04T12:15:34.273000 CVE-2025-52814,0,0,0a76fdcb4f9e75be4fd6067991977c8b2d3f3bdbefb4834fd89147a28bc228a9,2025-06-30T18:38:48.477000 CVE-2025-52815,0,0,bc3563b624fe1c8b3289253b3da2640993d4da80643a79037cfd83540c6801f7,2025-06-30T18:38:48.477000 CVE-2025-52816,0,0,1ab5f421dd6d696ffb70bb9546b130cafcd20ab37ee5b0a097c172047fbf32f4,2025-06-30T18:38:48.477000 @@ -298886,8 +298930,13 @@ CVE-2025-52824,0,0,351dd92df1183307d0df204ba321726dfa0b44797469f8905fc2dab11c0d1 CVE-2025-52825,0,0,bfd2129b50cd02ba73ac261df6839665ee9fca96e334d577f196302dba30baad,2025-06-23T20:16:40.143000 CVE-2025-52826,0,0,72a9fee291a4fc6694768e97deb03a4bc851d55f8966b2a155247b9d28a512d1,2025-06-30T18:38:48.477000 CVE-2025-52827,0,0,04da4f456c5a4f30ec7c35209b7acc7cd69257169d05a3aac291d93074f0d62b,2025-06-30T18:38:48.477000 +CVE-2025-52828,1,1,15706c71903314a3f5444d7d5d6f747d3b6ec006ac04112a3766969957a1f2a5,2025-07-04T12:15:34.453000 CVE-2025-52829,0,0,eb4d964acfddba9bd78da4c0fddfa106090ce982a7436b16afafa186380d210d,2025-06-30T18:38:48.477000 CVE-2025-5283,0,0,a8169db79b4666d05c59f16c729749cd032f3753a6abd4a1bda7e79d017ef3ab,2025-05-31T23:15:20.553000 +CVE-2025-52830,1,1,0f46ab6c79c04268e6ea0632491c2f4811315223593905ab872a3e3ccc0e233f,2025-07-04T12:15:34.633000 +CVE-2025-52831,1,1,e323e4cc0d3ea824c55871b7d92c864a965f5fc4fd4721407406e6428446513a,2025-07-04T12:15:34.820000 +CVE-2025-52832,1,1,d1461caf95abbb2c3e733fba4a31e8a760fc76390759324484316ec2489eb855,2025-07-04T12:15:35.020000 +CVE-2025-52833,1,1,2efb7206948dae64151d221b1fd24685f064032677da9adb3cd09bb99d379cb2,2025-07-04T12:15:35.217000 CVE-2025-52834,0,0,4ca40346c1caeb484e6b4cab253e3c17da1f917f108bf85aa6fe3c08b7cc103c,2025-06-30T18:38:48.477000 CVE-2025-52841,0,0,f8e068a9006278a5834628f113e54a0f795a1f7457963e2ccbe9ba5790bb87d4,2025-07-03T15:13:53.147000 CVE-2025-52842,0,0,9056d2ba3d41df43ac19f2a8f2245769713a77a20a1ae420dd61d6d62d2c7561,2025-07-03T15:13:53.147000 @@ -299141,7 +299190,7 @@ CVE-2025-53494,0,0,208fc72eecce6b5a15d2bab2c5d282523f9dc3860f6acdfd211e204b9a94e CVE-2025-53500,0,0,4e600160e0338af8f29e334cc4de18af82b5375f94d3896f9cbf3cc874d5159e,2025-07-03T18:15:22.140000 CVE-2025-53501,0,0,21c335a8cee7517960e84f19187025efcea385227ba1fb22ef8cc3a8c10a8e56,2025-07-03T18:15:22.300000 CVE-2025-53502,0,0,8620e1fa54158c5ea47ec511c9a4e70659635a1ba5079b6185bdce67f385eae0,2025-07-03T18:15:22.530000 -CVE-2025-5351,0,1,25fedbd9afa181a22c5b0bde3da57126f5b842bc3c3c6c6aea00f66ca5be6046,2025-07-04T09:15:37.100000 +CVE-2025-5351,0,0,25fedbd9afa181a22c5b0bde3da57126f5b842bc3c3c6c6aea00f66ca5be6046,2025-07-04T09:15:37.100000 CVE-2025-5353,0,0,a9d9e9f405a59eeaccd7ee5466c700cdd9eae2ba20f2bc9c98c5c42953abdf75,2025-06-12T16:06:39.330000 CVE-2025-5356,0,0,230423e916dccb3eed4f4eea6b8b3a9d8afef34a102c6f9d5aed25dc46913046,2025-06-24T15:20:27.113000 CVE-2025-53566,0,0,8f5babf510fcd94da9441b406df99485ca570ad5d277e709e898225a7fc9fadf,2025-07-04T09:15:35.737000 @@ -299615,7 +299664,7 @@ CVE-2025-5915,0,0,f4817e3f541276db8764595bab47239f1072f31f9c3d32c2caaee3b4950d68 CVE-2025-5916,0,0,77a227907bb56f71f2bfd1bf497899ff1c8f6eb6d2e97956e9c7ee1b79bfbd3d,2025-06-12T16:06:47.857000 CVE-2025-5917,0,0,0b15f8cb6694a25438c80b55bb7a5b265e6faccf484d04cd7c6d5563268713ff,2025-06-12T16:06:47.857000 CVE-2025-5918,0,0,86b80ccf0910833edc22c6b7530445ae3be8c3d5eb7bba766fb3c183b6d35d2b,2025-06-12T16:06:47.857000 -CVE-2025-5920,1,1,5a520c028531cb4155061b510476cf6466ae7ddb66a0dfae81f013209212e61f,2025-07-04T10:15:24.223000 +CVE-2025-5920,0,0,5a520c028531cb4155061b510476cf6466ae7ddb66a0dfae81f013209212e61f,2025-07-04T10:15:24.223000 CVE-2025-5923,0,0,bd32fa6b95a8f310c6b07918d04b1a4cdef7f962ecfa8c2518b68d11b4b0741e,2025-06-16T12:32:18.840000 CVE-2025-5924,0,0,9ba78a539e8693d538bf35030d997b8e8c7185e23c112eda4f626320d2cf5b4e,2025-07-04T03:15:21.240000 CVE-2025-5925,0,0,74cb0f740f96269546a558716b8983e19baddafe2aff8e369ed86d426f629748,2025-06-12T16:06:39.330000 @@ -299693,6 +299742,7 @@ CVE-2025-6041,0,0,f1590bc7f430e44e26265ed5472774b979ce04156432a94e9a184078db1536 CVE-2025-6050,0,0,67e03dde344620698f5a7773057ca524136abcdd721ce9bc82366b3da1039da8,2025-06-17T20:50:23.507000 CVE-2025-6052,0,0,f7b8f6bed96346c732cfe3c58915aaa99b04704580ca581c3769d9ac03c1036c,2025-06-16T12:32:18.840000 CVE-2025-6055,0,0,a1414c05d6a8565eece9cbd85c74aae5128e8846318652e194e65bb36ec8b3a2,2025-06-16T12:32:18.840000 +CVE-2025-6056,1,1,6e2b54c90bf9a14e675e0a469c1983bded7ab2e36e44712169fd3edcc9d2ea8d,2025-07-04T12:15:35.407000 CVE-2025-6059,0,0,84d0ce35ead1515ece8397572c27c6a293b39d090719f8fde70ea6fa5e96acd4,2025-06-16T12:32:18.840000 CVE-2025-6061,0,0,1e4ad2c51e11b85a0411cc0ba0a247fef015fe294ab3ff30c502f60f1836c736,2025-06-16T12:32:18.840000 CVE-2025-6062,0,0,5bf9e4ece70cbb53a8f33b39f23213ffcbb9e338a70925ebae7177b4c0441131,2025-06-16T12:32:18.840000 @@ -300156,6 +300206,7 @@ CVE-2025-6735,0,0,8734d70a00401da0ff9abed01b375db63bfe1b857ecd09eeb97e4130c9f85b CVE-2025-6736,0,0,25903f9d1406c60f622962611fc5443a5d32d3cdb912833a9ad0899ef2f7c32d,2025-06-30T18:38:48.477000 CVE-2025-6738,0,0,3259930ec98b59546eeaeace9fb84641bae60a8fe1ea462b5fb5b4147d4fd671,2025-06-30T18:38:48.477000 CVE-2025-6739,0,0,42e8587a0ef9a977f682fe5bf2e7b84bea08b757c7154d8e297f8504442d9547,2025-07-04T03:15:22.740000 +CVE-2025-6740,1,1,4df025ce77d1adfe2573d12dc431280049a6a66b06d7c4a694ba8dc72df73175,2025-07-04T12:15:35.570000 CVE-2025-6748,0,0,7f8f18ce472108822cda61d00f4ec9b1169d30c9d958ea970ce7bf174900b6ff,2025-06-30T18:38:48.477000 CVE-2025-6749,0,0,d1c491f56475f9982f91a0af7dbfe7ca7d1db32da1110cdac506d65ba7fc1676,2025-06-30T18:38:48.477000 CVE-2025-6750,0,0,f1b454f50a80614e8eea516f2449d507837abfd24769c351c9d643bb9f9983b5,2025-07-01T17:44:05.567000 @@ -300306,4 +300357,6 @@ CVE-2025-6962,0,0,44e91228f386656f0fe7bbc39ade3e56c4211c1c88ec7964c70ae173041289 CVE-2025-6963,0,0,1850847a61a91cf087d068ba6686d6003da6219f5068f201b00a459270304a8a,2025-07-03T15:14:12.767000 CVE-2025-7046,0,0,bfc3f75a19ddf4c011fa35d5d7e3dba1ee0500cd88145609200c5475efeafb9e,2025-07-04T03:15:23.743000 CVE-2025-7053,0,0,7c553631a1754842980c905e7a5036f2578e53e5fdd6a16c5f10c740b90f1d52,2025-07-04T03:15:23.917000 -CVE-2025-7060,1,1,91da01898395bdf026b99c0a46900d94a8a4f57665e6550c84b17fbf8659b9cf,2025-07-04T11:15:51.683000 +CVE-2025-7060,0,0,91da01898395bdf026b99c0a46900d94a8a4f57665e6550c84b17fbf8659b9cf,2025-07-04T11:15:51.683000 +CVE-2025-7061,1,1,15674a6a6cc800d5a0b5940feb3e192f9e740b04c9aff814dfdb24e1d8ce91ae,2025-07-04T13:15:25.987000 +CVE-2025-7066,1,1,998f6b55a42342a8b0f4fda5076c6090356f0a52d1edd36c9bb39b315048f315,2025-07-04T12:15:35.740000