admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-02-25T00:55:55.651837+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-02-25 00:59:24 +00:00
parent dc646d78ad
commit 1269ff274a
12 changed files with 620 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
CVE-2024/CVE-2024-535xx/CVE-2024-53542.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-53542",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-24T23:15:09.410",
"lastModified": "2025-02-24T23:15:09.410",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 allows attackers to arbitrarily restart the NCServiceManger via a crafted GET request."
}
],
"metrics": {},
"references": [
{
"url": "https://secure77.de/smart-time-plus-rce-cve-2024-53543/",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-535xx/CVE-2024-53543.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-53543",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-24T23:15:10.540",
"lastModified": "2025-02-24T23:15:10.540",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the addProject method in the smarttimeplus/MySQLConnection endpoint."
}
],
"metrics": {},
"references": [
{
"url": "https://secure77.de/smart-time-plus-rce-cve-2024-53543/",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-535xx/CVE-2024-53544.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-53544",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-24T23:15:10.663",
"lastModified": "2025-02-24T23:15:10.663",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the getCookieNames method in the smarttimeplus/MySQLConnection endpoint."
}
],
"metrics": {},
"references": [
{
"url": "https://secure77.de/smart-time-plus-rce-cve-2024-53543/",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-565xx/CVE-2024-56525.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-56525",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-24T23:15:10.793",
"lastModified": "2025-02-24T23:15:10.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Public Knowledge Project (PKP) OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an XXE attack by the Journal Editor Role can create a new role as super admin in the journal context, and insert a backdoor plugin, by uploading a crafted XML document as a User XML Plugin."
}
],
"metrics": {},
"references": [
{
"url": "https://openjournaltheme.com/user-xml-fatal-vulnerabilities-for-ojs-omp-ops-3-3-0-21-cve-2024-56525/",
"source": "cve@mitre.org"
}
]
}

21
CVE-2024/CVE-2024-576xx/CVE-2024-57685.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2024-57685",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-24T23:15:10.917",
"lastModified": "2025-02-24T23:15:10.917",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in sparkshop v.1.1.7 and before allows a remote attacker to execute arbitrary code via a crafted phar file."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/lhRaMk7/notebook/blob/main/phar_rce",
"source": "cve@mitre.org"
}
]
}

141
CVE-2025/CVE-2025-16xx/CVE-2025-1640.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-1640",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-25T00:15:09.723",
"lastModified": "2025-02-25T00:15:09.723",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Benner ModernaNet up to 1.1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /Home/JS_CarregaCombo?formName=DADOS_PESSOAIS_PLANO&additionalCondition=&insideParameters=&elementToReturn=DADOS_PESSOAIS_PLANO&ordenarPelaDescricao=true&direcaoOrdenacao=asc&_=1739290047295. The manipulation leads to sql injection. The attack may be launched remotely. Upgrading to version 1.1.1 is able to address this issue. It is recommended to upgrade the affected component."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/yago3008/CVES",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.296690",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.296690",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.499115",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2025/CVE-2025-16xx/CVE-2025-1641.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-1641",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-25T00:15:09.913",
"lastModified": "2025-02-25T00:15:09.913",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been classified as critical. This affects an unknown part of the file /AGE0000700/GetHorariosDoDia?idespec=0&idproced=1103&data=2025-02-25+19%3A25&agserv=0&convenio=1&localatend=1&idplano=5&pesfis=01&idprofissional=0&target=.horarios--dia--d0&_=1739371223797. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.1.1 is able to address this issue. It is recommended to upgrade the affected component."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/yago3008/cves",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.296691",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.296691",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.499875",
"source": "cna@vuldb.com"
}
]
}

21
CVE-2025/CVE-2025-229xx/CVE-2025-22974.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-22974",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-02-24T23:15:11.033",
"lastModified": "2025-02-24T23:15:11.033",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute arbitrary code via the DoTranExecSql parameter in the phome.php component."
}
],
"metrics": {},
"references": [
{
"url": "https://github.com/202110420106/CVE/blob/master/seacms/CVE-2025-22974.md",
"source": "cve@mitre.org"
}
]
}

94
CVE-2025/CVE-2025-271xx/CVE-2025-27143.json Normal file
View File

@ -0,0 +1,94 @@
{
"id": "CVE-2025-27143",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-02-24T23:15:11.160",
"lastModified": "2025-02-24T23:15:11.160",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Better Auth is an authentication and authorization library for TypeScript. Prior to version 1.1.21, the application is vulnerable to an open redirect due to improper validation of the callbackURL parameter in the email verification endpoint and any other endpoint that accepts callback url. While the server blocks fully qualified URLs, it incorrectly allows scheme-less URLs. This results in the browser interpreting the URL as a fully qualified URL, leading to unintended redirection. An attacker can exploit this flaw by crafting a malicious verification link and tricking users into clicking it. Upon successful email verification, the user will be automatically redirected to the attacker's website, which can be used for phishing, malware distribution, or stealing sensitive authentication tokens. This CVE is a bypass of the fix for GHSA-8jhw-6pjj-8723/CVE-2024-56734. Version 1.1.21 contains an updated patch."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "LOW",
"subsequentSystemIntegrity": "LOW",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-601"
}
]
}
],
"references": [
{
"url": "https://github.com/better-auth/better-auth/commit/24659aefc35a536b95ea4e5347e52c8803910153",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/better-auth/better-auth/commit/b381cac7aafd6aa53ef78b6ab771ebfa24643c80",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/better-auth/better-auth/releases/tag/v1.1.21",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/better-auth/better-auth/security/advisories/GHSA-8jhw-6pjj-8723",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/better-auth/better-auth/security/advisories/GHSA-hjpm-7mrm-26w8",
"source": "security-advisories@github.com"
}
]
}

86
CVE-2025/CVE-2025-271xx/CVE-2025-27144.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2025-27144",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-02-24T23:15:11.427",
"lastModified": "2025-02-24T23:15:11.427",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code used strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service. Version 4.0.5 fixes this issue. As a workaround, applications could pre-validate that payloads passed to Go JOSE do not contain an excessive number of `.` characters."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "UNREPORTED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-770"
}
]
}
],
"references": [
{
"url": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78",
"source": "security-advisories@github.com"
}
]
}

27
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-02-24T23:00:29.175028+00:00
2025-02-25T00:55:55.651837+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-02-24T22:15:23.077000+00:00
2025-02-25T00:15:09.913000+00:00
```
### Last Data Feed Release
@ -33,26 +33,29 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
282228
282238
```
### CVEs added in the last Commit
Recently added CVEs: `6`
Recently added CVEs: `10`
- [CVE-2024-57608](CVE-2024/CVE-2024-576xx/CVE-2024-57608.json) (`2025-02-24T22:15:22.157`)
- [CVE-2025-25513](CVE-2025/CVE-2025-255xx/CVE-2025-25513.json) (`2025-02-24T22:15:22.807`)
- [CVE-2025-26533](CVE-2025/CVE-2025-265xx/CVE-2025-26533.json) (`2025-02-24T21:15:11.057`)
- [CVE-2025-27137](CVE-2025/CVE-2025-271xx/CVE-2025-27137.json) (`2025-02-24T21:15:11.213`)
- [CVE-2025-27140](CVE-2025/CVE-2025-271xx/CVE-2025-27140.json) (`2025-02-24T22:15:22.913`)
- [CVE-2025-27141](CVE-2025/CVE-2025-271xx/CVE-2025-27141.json) (`2025-02-24T22:15:23.077`)
- [CVE-2024-53542](CVE-2024/CVE-2024-535xx/CVE-2024-53542.json) (`2025-02-24T23:15:09.410`)
- [CVE-2024-53543](CVE-2024/CVE-2024-535xx/CVE-2024-53543.json) (`2025-02-24T23:15:10.540`)
- [CVE-2024-53544](CVE-2024/CVE-2024-535xx/CVE-2024-53544.json) (`2025-02-24T23:15:10.663`)
- [CVE-2024-56525](CVE-2024/CVE-2024-565xx/CVE-2024-56525.json) (`2025-02-24T23:15:10.793`)
- [CVE-2024-57685](CVE-2024/CVE-2024-576xx/CVE-2024-57685.json) (`2025-02-24T23:15:10.917`)
- [CVE-2025-1640](CVE-2025/CVE-2025-16xx/CVE-2025-1640.json) (`2025-02-25T00:15:09.723`)
- [CVE-2025-1641](CVE-2025/CVE-2025-16xx/CVE-2025-1641.json) (`2025-02-25T00:15:09.913`)
- [CVE-2025-22974](CVE-2025/CVE-2025-229xx/CVE-2025-22974.json) (`2025-02-24T23:15:11.033`)
- [CVE-2025-27143](CVE-2025/CVE-2025-271xx/CVE-2025-27143.json) (`2025-02-24T23:15:11.160`)
- [CVE-2025-27144](CVE-2025/CVE-2025-271xx/CVE-2025-27144.json) (`2025-02-24T23:15:11.427`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `0`
- [CVE-2024-13636](CVE-2024/CVE-2024-136xx/CVE-2024-13636.json) (`2025-02-24T22:15:11.277`)
## Download and Usage

24
_state.csv
View File

@ -246791,7 +246791,7 @@ CVE-2024-13625,0,0,556dbc652a367567d8dc0a1aca4ef96fa3721288585ae7ce8b84a84c5a8c1
CVE-2024-13626,0,0,5f376c892890a386d15b17c9d9f7768803772784cb9f45a9f61e63e74ea1223e,2025-02-19T22:15:22.753000
CVE-2024-13627,0,0,faf1d9bd245281ef1f9edc55f8aca71639e95b5ef38efdbbf353c5fc7ae2924c,2025-02-19T19:15:14.720000
CVE-2024-1363,0,0,d8d6ccccee9c9def4bc84105015213aa12c981523f1a518cfb483c29cffbd734,2024-11-21T08:50:25.093000
CVE-2024-13636,0,1,060ea877f973da3e3139131075fc6b65a68ba520ee71166120bdf003d38b6862,2025-02-24T22:15:11.277000
CVE-2024-13636,0,0,060ea877f973da3e3139131075fc6b65a68ba520ee71166120bdf003d38b6862,2025-02-24T22:15:11.277000
CVE-2024-13639,0,0,071381e5184000ecf8c72dcde14c2011c1cb4ea4b355e15fb5e9c5b4fb270c14,2025-02-18T18:15:51.587000
CVE-2024-1364,0,0,47f33fd19586ab96196a2cb0337c2030aca42f1bd8c4ab84cfa2e52c3dbe5e59,2024-11-21T08:50:25.223000
CVE-2024-13641,0,0,cd1890f30f24c13413424555c34b5a8741240269cfb8c1f67ec9e1b8c16fa87b,2025-02-14T06:15:19.957000
@ -272786,6 +272786,9 @@ CVE-2024-53526,0,0,bc5f19d2f051183a95544adcafd452a82c4d307b983121af7f17d196af8eb
CVE-2024-5353,0,0,797e03a5615e2bede928ac816012d8783c471de5bd74a0480881887afd7a657a,2024-11-21T09:47:28.863000
CVE-2024-53537,0,0,998d51e6807baacce6b9daafc17e8fac4083f8aca4268561cf6e0645830b6350,2025-02-18T19:15:18.083000
CVE-2024-5354,0,0,e179ff0fdd33289a32ca4c68c73a51c0aa8ddee9c94944cd1d4fd7185f36a76c,2024-11-21T09:47:28.997000
CVE-2024-53542,1,1,979de5ac0ee8ab3d3ceb0d99ade6cf88535af9aa8960b448b7a5aec4766f3aaa,2025-02-24T23:15:09.410000
CVE-2024-53543,1,1,2ed10669bbb7ccca57c3f53096b08fec178d3070c1b9eeaa08ab25cf15a19e31,2025-02-24T23:15:10.540000
CVE-2024-53544,1,1,5940a53d90185103a5ea7f7b05f0da10fa7d8c5017f54752e9bf5bab40310fc0,2025-02-24T23:15:10.663000
CVE-2024-5355,0,0,5ae56d862872a5268a44df2d0e26a54aa307acbf5ff2835727472c989e377b6d,2024-11-21T09:47:29.130000
CVE-2024-53552,0,0,4cbf8fbe1c1d8b81113efcd1116951d33bdd9cbf11887cfd2671d9f28438541a,2024-12-11T16:15:14.373000
CVE-2024-53553,0,0,f76cd837b8044f3ae7bee9c286ff4b43a72406724cd6dd80c83638da1316919f,2025-02-03T21:15:13.667000
@ -274414,6 +274417,7 @@ CVE-2024-5652,0,0,1dda3b28a95a3027cca32754d8e2a9cb8bd181dca86e7b0a455abcf575817a
CVE-2024-56520,0,0,ff4fb3d2adb6c71c503d044fa0b3b3389f24638650ec092efa0e72e1ef66ddd5,2025-01-02T20:16:07.280000
CVE-2024-56521,0,0,5825673c82589e84af39abc3cdc30eb7e41a3356451a7b175ec0e6d80e41cea5,2025-02-18T22:15:13.147000
CVE-2024-56522,0,0,c0719b044dbc0fcdc0d4eaed012a8c95725e84ecda329fba60f601478e6101fc,2024-12-30T16:15:11.920000
CVE-2024-56525,1,1,634fc4eeebe898fc445ad7e3808bd6b236092bf133af0f2522984508e8009a41,2025-02-24T23:15:10.793000
CVE-2024-56527,0,0,5e8b0b74f38f7ebb35ac054d85b65473e6189ebf6dac534e9c9a780daa1047f5,2025-02-18T22:15:13.270000
CVE-2024-56529,0,0,b5e6c43b0e693d516ac7d8945d0f1e377badc88e38b14416efa9236d9ce55101,2025-02-18T19:15:19.587000
CVE-2024-5653,0,0,6a43b27cee3d2293652e8e6e2ccb4fc0236822263be85c5365c247a4f0b2a7b5,2024-11-21T09:48:05.873000
@ -275011,7 +275015,7 @@ CVE-2024-57603,0,0,8818c006a29d6f4bd13b4237aca8900d379684c37788b65eab93543c45a04
CVE-2024-57604,0,0,543c5b4910b41c72e908210bd3581236fe15916a3051d75b0cb98013a23bf9f9,2025-02-18T18:15:27.827000
CVE-2024-57605,0,0,7963b6f1477133cb94cbd1a3b1ada130c7fa95a02e2999810ff3a185f251a2ce,2025-02-18T18:15:27.983000
CVE-2024-57606,0,0,282e31e88d82eac2f58eed0179e45942a66af52f2bd7847e92a7866919540d55,2025-02-18T19:15:22.280000
CVE-2024-57608,1,1,4db4a039024361010a94538fd2696a2c6c6a3deeb62e035387a43fb1117798b9,2025-02-24T22:15:22.157000
CVE-2024-57608,0,0,4db4a039024361010a94538fd2696a2c6c6a3deeb62e035387a43fb1117798b9,2025-02-24T22:15:22.157000
CVE-2024-57609,0,0,7e89dbfffc522c22f84645f0c7d618897ea46d1866f82abe6573f3d9437ce18a,2025-02-10T22:15:36.660000
CVE-2024-5761,0,0,1fdad964c86313b412878f67fac5999c9a1ea015b844614bc58b000414661a53,2024-06-07T19:15:24.467000
CVE-2024-57610,0,0,fb8a513d5a0e34ee3275d17e53b163d875527cc466c4bde851405005eb787883,2025-02-07T16:15:38.303000
@ -275087,6 +275091,7 @@ CVE-2024-57681,0,0,46f40990744fd749d4a9af1e8df7c4b5a0bf9ba88074a44657f2ef0606699
CVE-2024-57682,0,0,ba4697aa7ced6095caedc3387a0a1add163335f15a4c7e96b7b3a02a7a9c468f,2025-02-03T20:15:36.063000
CVE-2024-57683,0,0,90a07d3676c8ceb8f75a6cba51bb9c84a613aace3c1524f48e2a9bfdcd2b0e79,2025-02-03T20:15:36.223000
CVE-2024-57684,0,0,bb9784b081b8abb57890ab5a23ebb4f4e85b9b747d00a9882042baa37a4ca976,2025-01-16T20:15:33.340000
CVE-2024-57685,1,1,712bcda34874e20357f921514e577cb14b0b3c02eb819deba96dced27414fe36,2025-02-24T23:15:10.917000
CVE-2024-57686,0,0,b3e63d1143d51418c4b781604a7d8057cd24cd176983b575e43942d597c27148,2025-02-11T22:15:29.520000
CVE-2024-57687,0,0,3f591284140d188a0181694e131e95eee1c6490731d9aebb4db57934394e9a88,2025-01-10T16:15:29.670000
CVE-2024-5769,0,0,abfeb18ae91d2e4533cdbeb4bf7ad73d20beb760222f23226220c40a5c6d9f91,2025-01-09T11:15:16.127000
@ -279754,6 +279759,8 @@ CVE-2025-1617,0,0,f8b5d497942700d9485e4f9475a52f7ce71fe3f54483032059a95f27d690d0
CVE-2025-1618,0,0,5653f37c834d7e927ebdf4835f8b4b2db1c30742d0495922546989d808169e24,2025-02-24T05:15:10.980000
CVE-2025-1629,0,0,60983f0ba0e5f0b685c866a67c52df667d2bfe57a6c3421095271a3cf3a2da01,2025-02-24T05:15:11.280000
CVE-2025-1632,0,0,e4d830f0038f1d0ec1a385180555c2b78df11cbe25ede30530c1c285ee3eb6b4,2025-02-24T15:15:13.217000
CVE-2025-1640,1,1,c9144f1d36a671c5c294220717c102bbee784a06194946bddd82d757b17db602,2025-02-25T00:15:09.723000
CVE-2025-1641,1,1,3e60680d02c32355c7c51637987e868a5b83b44bf51944f0dde54e34ed255aca,2025-02-25T00:15:09.913000
CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000
CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000
CVE-2025-20029,0,0,9b8781ac9a16d1f4940e1c86f8d87c8f1f8e66cb5b362950b6fdcd60c25126c4,2025-02-05T18:15:29.573000
@ -280735,6 +280742,7 @@ CVE-2025-22963,0,0,12477de813cda7364e5796cbdb911aad8e18d4387dfeeba96b71ade7cc11b
CVE-2025-22964,0,0,6f4095b29312f46a36413a75c5449d4448cc7574209011a37c7cdb11e5f0802a,2025-02-03T19:15:14.207000
CVE-2025-22968,0,0,d3d48189e9b72af1c9aeb72931ff25b490499842dd9dca10fe5551a85839cd34,2025-02-18T22:15:18.143000
CVE-2025-22973,0,0,b448437ac24e0d115300ac0a18a33b0f031d26cd6428b09fcc05bcdedc10d677,2025-02-21T18:15:32.480000
CVE-2025-22974,1,1,8fcb6efe31d178a3db96729e4a369a23148b5cef60ab1f0b278bdcdfefb295d4,2025-02-24T23:15:11.033000
CVE-2025-22976,0,0,34e44a1193299f2815c5773a405812b482572222a2b2eca4f8d55245112e8b61,2025-02-03T19:15:14.397000
CVE-2025-22978,0,0,c26d3b35b5f5b247c22bc9e725ddb59da99594ad5fac650f59f0b0b41ffbe946,2025-02-18T19:15:26.930000
CVE-2025-22980,0,0,90bf7bf36cc737404c9d40dc6715966f270a478ee523b3c5a983294878d28120,2025-01-28T22:15:16.890000
@ -281918,7 +281926,7 @@ CVE-2025-25475,0,0,da2a2d1f29106b1a0859c6a65cc60cebccb336e99ff5a9bda978918b583eb
CVE-2025-25505,0,0,c69812bbe3b275d3bc181fb00a5a8c8f1f26c31684ed982db7260503469e7b3d,2025-02-21T21:15:23.723000
CVE-2025-25507,0,0,de0377abf29412c164b8ddbcc15e82dfdb0b23020e12eca7c6e04a6e73ed3fd7,2025-02-21T21:15:23.870000
CVE-2025-25510,0,0,4997c3387297db121e4e9c1042fc244ebe3429ef8058fdf6dffa5196020cd974,2025-02-21T21:15:24.023000
CVE-2025-25513,1,1,e1943590b94885dd95437dc0873156668d062e8b298f484c30409dc6927e7d11,2025-02-24T22:15:22.807000
CVE-2025-25513,0,0,e1943590b94885dd95437dc0873156668d062e8b298f484c30409dc6927e7d11,2025-02-24T22:15:22.807000
CVE-2025-25522,0,0,9f2c0bc0a6dbb67154353c2da3969483621b5d35364f73acfaa2a34b0ff5a40b,2025-02-13T17:17:20.517000
CVE-2025-25523,0,0,9c6d5a6c8c747b7673e69ebf58bf535f17db00e0831b58073ddd586410cf36d9,2025-02-13T18:18:23.400000
CVE-2025-25524,0,0,40af9c5e5be067f2e684b500c6cae4a5dab6d519bde35d9c0fd3353781274a87,2025-02-13T18:18:23.597000
@ -282072,7 +282080,7 @@ CVE-2025-26529,0,0,a4ee1915d14b95ea82ab1944c3df3a492d57176e49f9ca84129b30a726b6a
CVE-2025-26530,0,0,63219eb639d784006748b7e9b7585eb4cb931b1cccb20a31dfcf93c2af986358,2025-02-24T20:15:33.807000
CVE-2025-26531,0,0,4454ead5716d53108591ae776002c8d02ed96d405f2b930f023008b300798475,2025-02-24T20:15:33.933000
CVE-2025-26532,0,0,598f624e5c9d1c4c60a7140797a329e77af0a449c9c4b34a91bafc0972369445,2025-02-24T20:15:34.053000
CVE-2025-26533,1,1,2e8a56b149dbe20ccfc4e827ae1bcb7f473041b99ea11c02d4ecd8f4b9b62686,2025-02-24T21:15:11.057000
CVE-2025-26533,0,0,2e8a56b149dbe20ccfc4e827ae1bcb7f473041b99ea11c02d4ecd8f4b9b62686,2025-02-24T21:15:11.057000
CVE-2025-26538,0,0,1b562cf933ca4f85387b9ad113a7e0bff6d82f6dfd74192b752d3543af30d3f6,2025-02-13T14:16:19.100000
CVE-2025-26539,0,0,276f32835753e35ddba03e434efdb4b7cdb02fdf3cdfcf4922e56feaff65d802,2025-02-13T14:16:19.383000
CVE-2025-26543,0,0,b3dbce2448f1125de716ecbc885f7a4be61adfbd3d23eb6c2c769d8219c9a560,2025-02-18T18:15:36.597000
@ -282172,9 +282180,11 @@ CVE-2025-27109,0,0,887a9677b59d7647aa063bf92caff49be61f0df690b2560df78fd44f58dfd
CVE-2025-27112,0,0,ee0d927c6fb13b15cf89a5e5e15c73d10b42a1b52bf52c1bf9cbd01c1bbcaebd,2025-02-24T19:15:14.597000
CVE-2025-27113,0,0,d170fa3c72db3eb74309693f02d592d61ed72cb3e9e67a063d1482cf1b9614a1,2025-02-18T23:15:10.960000
CVE-2025-27133,0,0,29844716abafc4dda273789005e3e16abe4d7d6eca7ec6dff9bfc7d4679fc1f2,2025-02-24T19:15:14.763000
CVE-2025-27137,1,1,5036444bad86a0c9ebb929b7c838035a7163ade99e11b550d9873b63f4ee5567,2025-02-24T21:15:11.213000
CVE-2025-27140,1,1,2964053422621195e160e6550b952cf184c5edc007d9580344eb7b008bf03c85,2025-02-24T22:15:22.913000
CVE-2025-27141,1,1,19a3c923af6f6f4189d4be91702969bf59100e645a0e1d60c810d2a5f034238b,2025-02-24T22:15:23.077000
CVE-2025-27137,0,0,5036444bad86a0c9ebb929b7c838035a7163ade99e11b550d9873b63f4ee5567,2025-02-24T21:15:11.213000
CVE-2025-27140,0,0,2964053422621195e160e6550b952cf184c5edc007d9580344eb7b008bf03c85,2025-02-24T22:15:22.913000
CVE-2025-27141,0,0,19a3c923af6f6f4189d4be91702969bf59100e645a0e1d60c810d2a5f034238b,2025-02-24T22:15:23.077000
CVE-2025-27143,1,1,f6196a31f6bc594bd6a78f99bac329907739405671eed3f73a517d781727c862,2025-02-24T23:15:11.160000
CVE-2025-27144,1,1,1943a5ebc9fa4ebdac773d12aa5884bfb6e27a53701e1ad9e8e73a5ce013ecba,2025-02-24T23:15:11.427000
CVE-2025-27218,0,0,efa55c2dc9300fcbe5554c514f0fd9c100e33cfb72ff20b2eedb0bf35dee5b0b,2025-02-20T21:15:26.510000
CVE-2025-27265,0,0,f92ef224928c265ed828ba40cf1c61290404ad79163953c8c2df56f81d7b8ab6,2025-02-24T15:15:14.310000
CVE-2025-27266,0,0,7b4f333de7657eb474765345c5822ee79cdee853af3b515f2a266de5b5a75147,2025-02-24T15:15:14.443000

Can't render this file because it is too large.