Auto-Update: 2025-01-04T19:00:21.429719+00:00

cad-safe-bot 2025-01-04 19:03:44 +00:00
parent 48b9c69d19
commit 1704cdf793
4 changed files with 301 additions and 18 deletions


@ -0,0 +1,145 @@
{
"id": "CVE-2025-0213",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-04T17:15:06.743",
"lastModified": "2025-01-04T17:15:06.743",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Campcodes Project Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /forms/update_forms.php?action=change_pic2&id=4. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://github.com/shaturo1337/POCs/blob/main/Remote%20Code%20Execution%20via%20Arbitrary%20File%20Upload%20in%20Project%20Management%20System.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.290158",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.290158",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.474200",
"source": "cna@vuldb.com"
},
{
"url": "https://www.campcodes.com/",
"source": "cna@vuldb.com"
}
]
}
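Review bot: The description in `descriptions[0].value` calls this issue critical and the first reference is titled as remote code execution via arbitrary file upload, yet all three `cvssData` blocks rate it MEDIUM (5.3, 6.3 and 6.5) with low or partial confidentiality, integrity and availability impact. Every metric is `"type": "Secondary"` from `cna@vuldb.com`, `vulnStatus` is `Received`, and there is no `configurations` block, so the record appears not yet analysed by NVD and cannot be matched by CPE. Consumers that triage on `baseSeverity` alone would probably under-rank a CWE-434 upload flaw whose exploit is stated to be public. Treat the score as provisional and also key on the `weaknesses` values and the disclosure statement until a Primary metric appears. The same provisional state applies to the CVE-2025-0214 record that follows.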


@ -0,0 +1,141 @@
{
"id": "CVE-2025-0214",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-01-04T17:15:07.507",
"lastModified": "2025-01-04T17:15:07.507",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in TMD Custom Header Menu 4.0.0.1 on OpenCart. It has been rated as problematic. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument headermenu_id leads to sql injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 2.1,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 0.7,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:M/C:P/I:P/A:P",
"baseScore": 4.3,
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "MULTIPLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.2,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://gist.github.com/mcdruid/ff4f29f4e7830e9e91988c7195d77039",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.290159",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.290159",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.474299",
"source": "cna@vuldb.com"
}
]
}
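Review bot: The description ends with "It is recommended to upgrade the affected component", but none of the four `references` entries appears to be a vendor advisory or names a fixed release, so the record gives no version to upgrade to. Anyone acting on this entry should confirm a patched TMD Custom Header Menu build with the vendor before closing the finding, and in the meantime limit who can reach `/admin/index.php`, which the `"privilegesRequired": "HIGH"` rating presumably already assumes. The v4.0 block rates the issue LOW (2.1) while v3.1 and v2.0 rate it MEDIUM (4.1 and 4.3), so severity filters give different results depending on which metric version they read.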


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-01-04T17:00:19.677645+00:00
2025-01-04T19:00:21.429719+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-01-04T16:15:23.003000+00:00
2025-01-04T17:15:07.507000+00:00
```
### Last Data Feed Release
@ -33,20 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
275715
275717
```
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `2`
- [CVE-2024-41763](CVE-2024/CVE-2024-417xx/CVE-2024-41763.json) (`2025-01-04T15:15:06.017`)
- [CVE-2024-41765](CVE-2024/CVE-2024-417xx/CVE-2024-41765.json) (`2025-01-04T15:15:06.713`)
- [CVE-2024-41766](CVE-2024/CVE-2024-417xx/CVE-2024-41766.json) (`2025-01-04T15:15:06.850`)
- [CVE-2024-41767](CVE-2024/CVE-2024-417xx/CVE-2024-41767.json) (`2025-01-04T15:15:06.987`)
- [CVE-2024-41768](CVE-2024/CVE-2024-417xx/CVE-2024-41768.json) (`2025-01-04T15:15:07.127`)
- [CVE-2025-0211](CVE-2025/CVE-2025-02xx/CVE-2025-0211.json) (`2025-01-04T15:15:07.277`)
- [CVE-2025-0212](CVE-2025/CVE-2025-02xx/CVE-2025-0212.json) (`2025-01-04T16:15:23.003`)
- [CVE-2025-0213](CVE-2025/CVE-2025-02xx/CVE-2025-0213.json) (`2025-01-04T17:15:06.743`)
- [CVE-2025-0214](CVE-2025/CVE-2025-02xx/CVE-2025-0214.json) (`2025-01-04T17:15:07.507`)
### CVEs modified in the last Commit


@ -262443,11 +262443,11 @@ CVE-2024-41752,0,0,6f6dac3f499fe7a58edaab0740f3281f55f95d72fe9308107d72dea5ca448
CVE-2024-4176,0,0,bbebb00d63b41a3619ef35d6461fab3b8fd8271367eb9c2415dbdbc268e57b15,2024-11-21T09:42:20.253000
CVE-2024-41761,0,0,183a2cec18f466d5717e002f6cd6d2700ac207cbdcd434bf78d86f226e394a03,2024-11-23T03:15:08.333000
CVE-2024-41762,0,0,4c983f99fd9207aedd2243856187958b4b9b76b67049382df79da756be6d51c0,2024-12-07T14:15:17.560000
CVE-2024-41763,1,1,a2aeb57705e940031c03097b7d21a1553139eec42d8a79ef8b18d935a04ab05c,2025-01-04T15:15:06.017000
CVE-2024-41765,1,1,ed29ce6a259ee4658e2b0d240f18830b9829fc67f22c8d4f15334826594a7360,2025-01-04T15:15:06.713000
CVE-2024-41766,1,1,d5da4cddc175d2f04ad9578323cdce50ea1e36c50774ca8c885a735ae7177364,2025-01-04T15:15:06.850000
CVE-2024-41767,1,1,cfd96b1763db7d812a00b5b58f162f02847c15a5642c481056dccd5e6017902d,2025-01-04T15:15:06.987000
CVE-2024-41768,1,1,0e1a7c9e739801b41ff2a53ea44a79cda9f2a93ab19df4a6acc92c2656fdd3d7,2025-01-04T15:15:07.127000
CVE-2024-41763,0,0,a2aeb57705e940031c03097b7d21a1553139eec42d8a79ef8b18d935a04ab05c,2025-01-04T15:15:06.017000
CVE-2024-41765,0,0,ed29ce6a259ee4658e2b0d240f18830b9829fc67f22c8d4f15334826594a7360,2025-01-04T15:15:06.713000
CVE-2024-41766,0,0,d5da4cddc175d2f04ad9578323cdce50ea1e36c50774ca8c885a735ae7177364,2025-01-04T15:15:06.850000
CVE-2024-41767,0,0,cfd96b1763db7d812a00b5b58f162f02847c15a5642c481056dccd5e6017902d,2025-01-04T15:15:06.987000
CVE-2024-41768,0,0,0e1a7c9e739801b41ff2a53ea44a79cda9f2a93ab19df4a6acc92c2656fdd3d7,2025-01-04T15:15:07.127000
CVE-2024-4177,0,0,b19cea7dfc04a16711a952f111997ccebc4378d3e2d6a3d68b2d48d03a2529dc,2024-11-21T09:42:20.397000
CVE-2024-41773,0,0,beaf4d8c312e85e3696081a024d02001bdac13d0a849a736ca19b73511b0958b,2024-08-26T18:33:07.997000
CVE-2024-41774,0,0,db82f7998f610ab2c3c2ae4d9e33bcab8463b004f8921670f73f55120becfa11,2024-08-24T11:15:05.670000
@ -275699,8 +275699,10 @@ CVE-2025-0206,0,0,2c51d520a4879eb37fad3da037af175b82b1f84ee273be776d242bffb65c08
CVE-2025-0207,0,0,f8e0e5696643458076493e3f93737513cc0c01701399e87dcf38e6f95da67118,2025-01-04T13:15:07.383000
CVE-2025-0208,0,0,4363e7b55c7d81cd4bb24af8aa707b774a793375e9ae8a8453bfff3f13c6a198,2025-01-04T13:15:07.557000
CVE-2025-0210,0,0,18250167a2190dfee9b92f3f6a39d2159faab5611a88842d989bbdb417acb98f,2025-01-04T14:15:22.590000
CVE-2025-0211,1,1,b9d423ddc7f5d7131d18e0c6e82ffdb0d7d511a9f93fbce8fd485a1054d607e4,2025-01-04T15:15:07.277000
CVE-2025-0212,1,1,4580d93240903455f5f37037363ed2ecac8e5e965bf219492073a30508f06c44,2025-01-04T16:15:23.003000
CVE-2025-0211,0,0,b9d423ddc7f5d7131d18e0c6e82ffdb0d7d511a9f93fbce8fd485a1054d607e4,2025-01-04T15:15:07.277000
CVE-2025-0212,0,0,4580d93240903455f5f37037363ed2ecac8e5e965bf219492073a30508f06c44,2025-01-04T16:15:23.003000
CVE-2025-0213,1,1,ae6082586b13f3a0897a3a0c9bb93f3136f000a55537ffc29cc265d27526ea6d,2025-01-04T17:15:06.743000
CVE-2025-0214,1,1,9254508d81ea0b82f0019bc7737a4434f0760310a24cc79081ad4facc4fcf53a,2025-01-04T17:15:07.507000
CVE-2025-21609,0,0,debac97612532639eda73000ed423c6055a43cea29689a043be2143f9409c2e8,2025-01-03T17:15:09.147000
CVE-2025-21610,0,0,91f58e52c41e26ee8c782751f380f5e6f82b9b51c281135ca06080d1bc5407a4,2025-01-03T17:15:09.290000
CVE-2025-22214,0,0,e2cc6e4f91ccc0784ce6c5e7f203a7b7ecf1116a49ea9d5798e3ff93276eaeec,2025-01-02T04:15:06.277000
