Auto-Update: 2025-06-17T10:00:20.509125+00:00

2025-06-19 17:31:42 +00:00 · 2025-06-17 10:03:58 +00:00 · 2025-06-17 10:03:58 +00:00 · 16300dafcf
commit 16300dafcf
parent 6c7c0c597f
6 changed files with 112 additions and 28 deletions
--- a/CVE-2024/CVE-2024-471xx/CVE-2024-47196.json
+++ b/CVE-2024/CVE-2024-471xx/CVE-2024-47196.json
@ -2,13 +2,13 @@
  "id": "CVE-2024-47196",
  "sourceIdentifier": "productcert@siemens.com",
  "published": "2024-10-08T09:15:17.563",
-  "lastModified": "2024-10-16T18:07:38.850",
+  "lastModified": "2025-06-17T09:15:22.873",
-  "vulnStatus": "Analyzed",
+  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
-      "value": "A vulnerability has been identified in ModelSim (All versions < V2024.3), Questa (All versions < V2024.3). vsimk.exe in affected applications allows a specific tcl file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vsimk.exe from a user-writable directory."
+      "value": "A vulnerability has been identified in ModelSim (All versions < V2025.2), Questa (All versions < V2025.2). vsimk.exe in affected applications allows a specific tcl file to be loaded from the current working directory. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges in installations where administrators or processes with elevated privileges launch vsimk.exe from a user-writable directory."
    },
    {
      "lang": "es",
@ -106,7 +106,7 @@
  "weaknesses": [
    {
      "source": "productcert@siemens.com",
-      "type": "Primary",
+      "type": "Secondary",
      "description": [
        {
          "lang": "en",
--- a/CVE-2025/CVE-2025-406xx/CVE-2025-40674.json
+++ b/CVE-2025/CVE-2025-406xx/CVE-2025-40674.json
@ -0,0 +1,78 @@
 {
  "id": "CVE-2025-40674",
  "sourceIdentifier": "cve-coordination@incibe.es",
  "published": "2025-06-17T09:15:23.650",
  "lastModified": "2025-06-17T09:15:23.650",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Reflected Cross-Site Scripting (XSS) in osCommerce v4. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the name of any parameter in /watch/en/about-us. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cve-coordination@incibe.es",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 5.1,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "NONE",
          "userInteraction": "ACTIVE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "LOW",
          "subIntegrityImpact": "LOW",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cve-coordination@incibe.es",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/reflected-cross-site-scripting-xss-oscommerce",
      "source": "cve-coordination@incibe.es"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-487xx/CVE-2025-48797.json
+++ b/CVE-2025/CVE-2025-487xx/CVE-2025-48797.json
@ -2,7 +2,7 @@
  "id": "CVE-2025-48797",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2025-05-27T14:15:24.140",
-  "lastModified": "2025-05-28T15:01:30.720",
+  "lastModified": "2025-06-17T09:15:24.120",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
@ -52,6 +52,10 @@
    }
  ],
  "references": [
    {
      "url": "https://access.redhat.com/errata/RHSA-2025:9162",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://access.redhat.com/security/cve/CVE-2025-48797",
      "source": "secalert@redhat.com"
--- a/CVE-2025/CVE-2025-487xx/CVE-2025-48798.json
+++ b/CVE-2025/CVE-2025-487xx/CVE-2025-48798.json
@ -2,7 +2,7 @@
  "id": "CVE-2025-48798",
  "sourceIdentifier": "secalert@redhat.com",
  "published": "2025-05-27T14:15:24.307",
-  "lastModified": "2025-05-28T15:01:30.720",
+  "lastModified": "2025-06-17T09:15:24.280",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
@ -52,6 +52,10 @@
    }
  ],
  "references": [
    {
      "url": "https://access.redhat.com/errata/RHSA-2025:9162",
      "source": "secalert@redhat.com"
    },
    {
      "url": "https://access.redhat.com/security/cve/CVE-2025-48798",
      "source": "secalert@redhat.com"
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2025-06-17T08:00:22.184346+00:00
+2025-06-17T10:00:20.509125+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2025-06-17T07:15:18.630000+00:00
+2025-06-17T09:15:24.280000+00:00
 ```
 ### Last Data Feed Release
@ -33,26 +33,23 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-298108
+298109
 ```
 ### CVEs added in the last Commit
-Recently added CVEs: `6`
+Recently added CVEs: `1`
- [CVE-2025-5209](CVE-2025/CVE-2025-52xx/CVE-2025-5209.json) (`2025-06-17T06:15:21.870`)
+- [CVE-2025-40674](CVE-2025/CVE-2025-406xx/CVE-2025-40674.json) (`2025-06-17T09:15:23.650`)
 - [CVE-2025-6164](CVE-2025/CVE-2025-61xx/CVE-2025-6164.json) (`2025-06-17T06:15:22.023`)
 - [CVE-2025-6165](CVE-2025/CVE-2025-61xx/CVE-2025-6165.json) (`2025-06-17T06:15:22.260`)
 - [CVE-2025-6166](CVE-2025/CVE-2025-61xx/CVE-2025-6166.json) (`2025-06-17T06:15:22.467`)
 - [CVE-2025-6167](CVE-2025/CVE-2025-61xx/CVE-2025-6167.json) (`2025-06-17T07:15:18.330`)
 - [CVE-2025-6173](CVE-2025/CVE-2025-61xx/CVE-2025-6173.json) (`2025-06-17T07:15:18.630`)
 ### CVEs modified in the last Commit
-Recently modified CVEs: `1`
+Recently modified CVEs: `3`
- [CVE-2022-45699](CVE-2022/CVE-2022-456xx/CVE-2022-45699.json) (`2025-06-17T06:15:21.230`)
+- [CVE-2024-47196](CVE-2024/CVE-2024-471xx/CVE-2024-47196.json) (`2025-06-17T09:15:22.873`)
 - [CVE-2025-48797](CVE-2025/CVE-2025-487xx/CVE-2025-48797.json) (`2025-06-17T09:15:24.120`)
 - [CVE-2025-48798](CVE-2025/CVE-2025-487xx/CVE-2025-48798.json) (`2025-06-17T09:15:24.280`)
 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -210976,7 +210976,7 @@ CVE-2022-4569,0,0,4a2599063fefb513ab23f360a9f2529d620d0c97fa1dc35085c7a5a3cf6311
 CVE-2022-45690,0,0,a5861ee59215405b9e0a67e2b46d796e8da8b6e78efaf9946949642c0238c19c,2025-04-22T15:16:05.057000
 CVE-2022-45693,0,0,16e0fdae126746a476c4d8896dad9274b38ecbc704e8591fb4b8e1894c95050a,2025-04-22T15:16:05.277000
 CVE-2022-45697,0,0,34e5f81a9d7d780bc32c7f8e99772f6393c876c7e4c870d659e3da43d3fa8093,2024-11-21T07:29:36.173000
-CVE-2022-45699,0,1,0f78ff7cfdaa963a27bca80c4b3c4925736061e38fec3ac933fe895e5a7a166c,2025-06-17T06:15:21.230000
+CVE-2022-45699,0,0,0f78ff7cfdaa963a27bca80c4b3c4925736061e38fec3ac933fe895e5a7a166c,2025-06-17T06:15:21.230000
 CVE-2022-4570,0,0,652e15e74f170db1f925bb2be4df601dc66acc8744718cac77f424af8ede0b47,2025-04-02T16:15:25.590000
 CVE-2022-45701,0,0,4a857c13ecb2a2a96d48dbca497cbe2908e1b5647bdee259a6e0e187974e1465,2025-03-18T16:15:14.017000
 CVE-2022-45703,0,0,587c7dc85b26b1aff8741752b40539a9f3d66e4c4b13a5463c19d08e410af2f7,2024-11-21T07:29:36.610000
@ -270828,7 +270828,7 @@ CVE-2024-47191,0,0,8931a18420d43e304a3461682789339ad25e6278b3ea12df6b09841677348
 CVE-2024-47193,0,0,5c2413eb39773bf152714d520922b599c22790d53f81cf61dbd60e83893a1e2c,2024-11-29T18:15:09.090000
 CVE-2024-47194,0,0,4741597631024ca20381e200badaa4b9c33ffa3bf5de9a3c53086275667b7635,2024-10-16T18:15:04.043000
 CVE-2024-47195,0,0,d2929e17d0fd654f4ec79cc2b70c1157856ae43b02d1a856ce444c7d190677a0,2024-10-16T18:11:29.990000
-CVE-2024-47196,0,0,8609c7f557ab1dbb4342d1b4f7f17e96909f6d916055e2db0fe4e74298ea9040,2024-10-16T18:07:38.850000
+CVE-2024-47196,0,1,949ac6a573b1699df8bc7b97c95fc71cd1d93320a448f65921cab22bef036f04,2025-06-17T09:15:22.873000
 CVE-2024-47197,0,0,00ca8e5c189a394fbe03c26b57f2be0f93f318d55a08c2e0f86596fe62491b55,2025-03-17T18:15:18.883000
 CVE-2024-4720,0,0,8d235bb8e292bd686ae088d90cd0e6890265203019e38c38b3c2506606baf464,2025-02-20T20:23:38.033000
 CVE-2024-47208,0,0,5bc7842af09d178c24d95c055c13b33b237ccb6628ceeb20517578a7cc1b088c,2024-11-21T09:39:31.100000
@ -294463,6 +294463,7 @@ CVE-2025-40670,0,0,b1d70447d302709ed16a75a865e7ebd1d2076947821b2210ebfec6a8b2f08
 CVE-2025-40671,0,0,434fcb0f85fca3f9d859442da381d4e1454f2c968132e3a6b8db7392906ce4f0,2025-05-28T15:01:30.720000
 CVE-2025-40672,0,0,16bc6b87ff9caf15184dbd8991107d7b17c5beb8ff9d9c80bdf9b979ca591b75,2025-05-28T15:01:30.720000
 CVE-2025-40673,0,0,b579e57f63d588753084335ab891fb47997b91677321939dfff9acbc408e6ab4,2025-05-28T15:01:30.720000
 CVE-2025-40674,1,1,167e1904a76e7b9cf9cc87925749c6154412d4f66ebf7533a041aa06eb62b1ce,2025-06-17T09:15:23.650000
 CVE-2025-40675,0,0,654293ef1440eaa459ce9cb8c09f3edfd6a9e09aa98cb712b7c0ab443f6d7b48,2025-06-09T12:15:47.880000
 CVE-2025-4068,0,0,3e3326c67789178a2e89dd2c7182f86f8b00ff853809cd66d0d99e3251986e87,2025-05-28T17:27:28.983000
 CVE-2025-4069,0,0,72c3e148c8cf8c4d5070733c3b3e33573ee47e1d4dc46e158ed5117d25968f25,2025-05-28T17:26:13.450000
@ -296876,8 +296877,8 @@ CVE-2025-48792,0,0,2c0b02c33ee81c6b1c7f3bc9767aecae1b833af65e4351c0dd81998c4a119
 CVE-2025-48793,0,0,c894ec9ed8b3b5d1fda9891ce2808a0fb7689dd63eec3c7bb7e9e649736a365c,2025-05-27T04:15:41.090000
 CVE-2025-48794,0,0,0f60a10fd5bbac90e9e184a916afa3ee1c6a6178325620c93725d026aac184ad,2025-05-27T04:15:41.160000
 CVE-2025-48796,0,0,5c467d1a2669d77ceb69e55cea05d09cde2aaa034119240321683e5490565638,2025-05-28T15:01:30.720000
-CVE-2025-48797,0,0,c68f0ebf50c118d7ddbb1e39c30af375db74c33fe915c691f011dc96a6628a63,2025-05-28T15:01:30.720000
+CVE-2025-48797,0,1,c6c91127b66799676d199b306b52029cb4f299e8840c6f831f77b66f1718c614,2025-06-17T09:15:24.120000
-CVE-2025-48798,0,0,4804c012d77b1aa343aaa1ee6a48cee243c1763b892c9b1359aa4be5944fe55e,2025-05-28T15:01:30.720000
+CVE-2025-48798,0,1,fbfe22056ef53bb55ecd872f68aa24c36df95c4b87b1cb11dd59160d244dee2b,2025-06-17T09:15:24.280000
 CVE-2025-4880,0,0,e66433f376d95dc941d17745f27a53d60427f87111077aee793bacaa1dd21351,2025-05-21T17:33:42.373000
 CVE-2025-4881,0,0,3fdda22eaf1afa96c9c6bfb121fd7cc7da116831a6f494c0b7df343d1eed58c4,2025-05-21T19:38:39.660000
 CVE-2025-4882,0,0,9ae533a1d17c0bc7b22051d58510b828885d48326cbc794d7bf23ceba43e10c0,2025-05-21T19:38:24.990000
@ -297439,7 +297440,7 @@ CVE-2025-5205,0,0,4e2cf941cdcf5c4895f1e6095123f642f58566d13011fecdf14fc65595d0e6
 CVE-2025-5206,0,0,feed10da244a1180a12944193b9a34afaab380339e02b711b6b86c10a65dd729,2025-06-05T14:14:49.180000
 CVE-2025-5207,0,0,e402cb7000c0d3ec5faf704526317d521bb7be7fab48c7474536b7fb38ce6981,2025-06-05T14:14:30.010000
 CVE-2025-5208,0,0,9e9535cfb50c25096d995fee715ad33ab744750f67296c60cac7b3a386d28ef1,2025-06-05T14:14:06.397000
-CVE-2025-5209,1,1,18de08a2c0ee6029700d8d70a51689f7a0861aee6fd04242ed819b2ba538811e,2025-06-17T06:15:21.870000
+CVE-2025-5209,0,0,18de08a2c0ee6029700d8d70a51689f7a0861aee6fd04242ed819b2ba538811e,2025-06-17T06:15:21.870000
 CVE-2025-5210,0,0,7f798974cbc440c4e4dd8009e513c3eb9007b33b9ead67a41eab0bd81192fbbf,2025-06-05T14:13:54.527000
 CVE-2025-5211,0,0,8f4ed9a6be734738ba7e8af34dfd90276884a544fade7898e9f11540d4e9c7c6,2025-06-05T14:13:12.777000
 CVE-2025-5212,0,0,09bde77c0a73fbc6c1f35bedb61d3c4c409f9d9416e30903b1d4777f1733a256,2025-06-05T14:12:55.247000
@ -298097,13 +298098,13 @@ CVE-2025-6160,0,0,b5a005f0cb3af7af3cbd83f95c58b0de1833f0c1a8794260093b19e9d4e154
 CVE-2025-6161,0,0,04ef0d4ea23661165f29c62c6f3f4f4ce80da3c1c05907386de341f49b851245,2025-06-17T05:15:21.833000
 CVE-2025-6162,0,0,af3afed5c97f174bc1ec87fa874c16055bff42df943207923f306c6d9965be16,2025-06-17T05:15:22.053000
 CVE-2025-6163,0,0,7bc2b2f48c2420316b423e722c94da079d7d1613e6a363e835137d32165dbd9d,2025-06-17T05:15:22.267000
-CVE-2025-6164,1,1,829b92e5c4f317cd5a0872b32057c9a2f75419abedff68edd26f6957c7ebe18e,2025-06-17T06:15:22.023000
+CVE-2025-6164,0,0,829b92e5c4f317cd5a0872b32057c9a2f75419abedff68edd26f6957c7ebe18e,2025-06-17T06:15:22.023000
-CVE-2025-6165,1,1,41b2370d3cc27ce834842f6ceb221fed031ba52a73c12b0d4604f06ea0872dbf,2025-06-17T06:15:22.260000
+CVE-2025-6165,0,0,41b2370d3cc27ce834842f6ceb221fed031ba52a73c12b0d4604f06ea0872dbf,2025-06-17T06:15:22.260000
-CVE-2025-6166,1,1,84d7790ab9d838ce3eaafa1616fc3786a151d0d2725a5e07d244018d733bfa16,2025-06-17T06:15:22.467000
+CVE-2025-6166,0,0,84d7790ab9d838ce3eaafa1616fc3786a151d0d2725a5e07d244018d733bfa16,2025-06-17T06:15:22.467000
-CVE-2025-6167,1,1,2795af94fd7d4d295d3d1376b505259446423090eb7abd25b203e8b7a501cc61,2025-06-17T07:15:18.330000
+CVE-2025-6167,0,0,2795af94fd7d4d295d3d1376b505259446423090eb7abd25b203e8b7a501cc61,2025-06-17T07:15:18.330000
 CVE-2025-6169,0,0,24b56c63dd5c2b9799043dae6dc3b75a3e06e9ee630be707f681a9bb09cd5b58,2025-06-16T12:32:18.840000
 CVE-2025-6170,0,0,b6c9e594edbf46197f9f9a30d565b603f055d40c252eab039c7ec60bb43a9554,2025-06-16T16:15:20.430000
 CVE-2025-6172,0,0,df5b11377ae2bcb860baea092fdadde3351cf8aeca30edf92e0d7977024948be,2025-06-16T17:15:31.503000
-CVE-2025-6173,1,1,b45a6b702ab24652eaa476aa59a0195c34f8c8dfa2fb7597b68d873f98cdb621,2025-06-17T07:15:18.630000
+CVE-2025-6173,0,0,b45a6b702ab24652eaa476aa59a0195c34f8c8dfa2fb7597b68d873f98cdb621,2025-06-17T07:15:18.630000
 CVE-2025-6177,0,0,4366e6ccec4e1fee6021c14403a53e901267cccb403243623e65ac51819fb0ad,2025-06-16T18:15:22.210000
 CVE-2025-6179,0,0,e03ccb1aee3fb84a10b1e8e244344864b6bf168e1fae419ef2706d5012538f33,2025-06-16T17:15:32.053000