admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-06-23T16:00:28.688260+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-06-23 16:04:07 +00:00
parent 4a56922a24
commit 1e14d1b12f
112 changed files with 4014 additions and 587 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
CVE-2019/CVE-2019-24xx/CVE-2019-2483.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2019-2483",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-12-24T19:15:05.757",
"lastModified": "2024-12-24T19:15:05.757",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:21:09.487",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,10 +39,82 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:istore:12.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F97E907-8C38-44D8-8787-E7BD95B3ACE9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:istore:12.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9FC7EAC-DC83-466B-BEC7-459E82DF014D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:istore:12.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3B70A22F-D67A-4BF6-AF17-686BF3A9BCB5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:istore:12.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8355653B-79DD-4DCB-83CA-066BE4D8D9D4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:istore:12.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A91551D-F3E4-4852-A333-733A28F49CF0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:istore:12.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5E501CF6-0457-4160-9FD9-14B903219DBF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:istore:12.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9E835828-6E56-472F-B497-DB5D90FF49F3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:istore:12.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0050E830-3AB1-4D5B-BEB4-A46EC6418599"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:istore:12.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9E10272A-5407-48E2-93FC-A84A65F7EE38"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujan2019-5072801.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Broken Link"
]
}
]
}

25
CVE-2023/CVE-2023-472xx/CVE-2023-47297.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-47297",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-23T15:15:25.940",
"lastModified": "2025-06-23T15:15:25.940",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute arbitrary commands, including editing system security auditing configurations."
}
],
"metrics": {},
"references": [
{
"url": "https://drive.google.com/file/d/1YzoJ2QuI9LEEpF8r5ZiCdTQtR9hfsXl7/view?usp=sharing",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/pwahba/cve-research/blob/main/CVE-2023-47297/CVE-2023-47297.md",
"source": "cve@mitre.org"
}
]
}

25
CVE-2023/CVE-2023-472xx/CVE-2023-47298.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-47298",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-23T15:15:26.700",
"lastModified": "2025-06-23T15:15:26.700",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to query the SOAP API endpoint to obtain information about all of the users of the application including their usernames, roles, security groups and account statuses."
}
],
"metrics": {},
"references": [
{
"url": "https://drive.google.com/file/d/1-BDd0ycuYhuxo-lg4th-Cswimoqqzkot/view?usp=sharing",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/pwahba/cve-research/blob/main/CVE-2023-47298/CVE-2023-47298.md",
"source": "cve@mitre.org"
}
]
}

25
CVE-2023/CVE-2023-489xx/CVE-2023-48978.json Normal file
View File

@ -0,0 +1,25 @@
{
"id": "CVE-2023-48978",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-23T15:15:26.890",
"lastModified": "2025-06-23T15:15:26.890",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote attacker to execute arbitrary code via a crafted script to the IP camera URL component."
}
],
"metrics": {},
"references": [
{
"url": "https://drive.google.com/file/d/13JrkDcVtcQFepeGoG8roBZ1xFy7iBx1R/view?usp=sharing",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/pwahba/cve-research/blob/main/CVE-2023-48978/CVE-2023-48978.md",
"source": "cve@mitre.org"
}
]
}

28
CVE-2024/CVE-2024-212xx/CVE-2024-21206.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21206",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2024-10-15T20:15:09.050",
"lastModified": "2024-10-31T13:35:04.520",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:20:13.090",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:enterprise_command_center_framework:*:*:*:*:*:*:*:*",
"versionStartIncluding": "11",
"versionEndIncluding": "13",
"matchCriteriaId": "B88C407A-0A59-46DD-9093-8714208F9B92"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuoct2024.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}

38
CVE-2024/CVE-2024-226xx/CVE-2024-22654.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-22654",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-05-29T15:15:29.693",
"lastModified": "2025-05-30T16:31:03.107",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:42:44.127",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,46 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:broadcom:tcpreplay:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "92890213-A6DC-469D-869E-B65DC1634190"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/TimChan2001/4f25915b9952e8e3453db5cf72185b88",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/appneta/tcpreplay/issues/827",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking"
]
},
{
"url": "https://github.com/appneta/tcpreplay/issues/827",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Issue Tracking"
]
}
]
}

77
CVE-2024/CVE-2024-42xx/CVE-2024-4256.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-4256",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-04-27T16:15:07.170",
"lastModified": "2024-11-21T09:42:29.233",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T15:07:20.147",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -36,6 +36,26 @@
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
],
"cvssMetricV2": [
@ -76,30 +96,71 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:techkshetrainfo:savsoft_quiz:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E5B5D6E-C991-499C-9F2C-E1937DF621E8"
}
]
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.262148",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.262148",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.319897",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?ctiid.262148",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.262148",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.319897",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"VDB Entry"
]
}
]
}

52
CVE-2024/CVE-2024-487xx/CVE-2024-48766.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-48766",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-05-13T16:15:23.717",
"lastModified": "2025-05-13T20:15:25.227",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:59:36.530",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -49,20 +49,62 @@
"value": "CWE-698"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netalertxnetalertx:*:*:*:*:*:*:*:*:*",
"versionStartIncluding": "24.7.18",
"versionEndExcluding": "24.10.12",
"matchCriteriaId": "D2D19236-3E00-4144-B81D-56268DEC39C6"
}
]
}
]
}
],
"references": [
{
"url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/netalertx_file_read.rb",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "https://rhinosecuritylabs.com/research/cve-2024-46506-rce-in-netalertx/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"Mitigation"
]
},
{
"url": "https://rhinosecuritylabs.com/research/cve-2024-46506-rce-in-netalertx/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory",
"Mitigation"
]
}
]
}

10
CVE-2024/CVE-2024-51xx/CVE-2024-5154.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-5154",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-06-12T09:15:19.973",
"lastModified": "2024-12-11T04:15:04.990",
"lastModified": "2025-06-23T14:15:26.073",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -171,6 +171,10 @@
"Vendor Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4159",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2024:4486",
"source": "secalert@redhat.com",

67
CVE-2024/CVE-2024-51xx/CVE-2024-5193.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-5193",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-05-22T11:15:53.487",
"lastModified": "2024-11-21T09:47:09.827",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T15:07:25.363",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -120,38 +120,85 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:ritlabs:tinyweb:1.94:*:*:*:*:*:*:*",
"matchCriteriaId": "45D37E23-FA98-4094-B4FB-495C102613DA"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/DMCERTCE/CRLF_Tiny",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.265830",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.265830",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.333059",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/DMCERTCE/CRLF_Tiny",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.265830",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.265830",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.333059",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

45
CVE-2024/CVE-2024-547xx/CVE-2024-54779.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-54779",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-05-14T14:15:25.927",
"lastModified": "2025-05-19T15:15:22.700",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:51:38.127",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netgate:pfsense_ce:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.8.0",
"matchCriteriaId": "D29B384D-CD2B-4B32-9356-5F2503EB3849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*",
"versionEndExcluding": "25.03",
"matchCriteriaId": "25B25352-DA4B-47FC-905F-4146E989570D"
}
]
}
]
}
],
"references": [
{
"url": "https://blog.brillantit.com/exploiting-pfsense-xss-command-injection-cloud-hijack/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://docs.netgate.com/downloads/pfSense-SA-25_01.webgui.asc",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory",
"Mailing List"
]
},
{
"url": "https://www.netgate.com/blog/important-security-updates-for-pfsense-plus-24.11-and-ce-2.7.2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

49
CVE-2024/CVE-2024-572xx/CVE-2024-57273.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-57273",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-05-14T14:15:26.310",
"lastModified": "2025-05-19T16:15:26.297",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:50:34.313",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,22 +51,59 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netgate:pfsense_ce:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.8.0",
"matchCriteriaId": "D29B384D-CD2B-4B32-9356-5F2503EB3849"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*",
"versionEndExcluding": "25.03",
"matchCriteriaId": "25B25352-DA4B-47FC-905F-4146E989570D"
}
]
}
]
}
],
"references": [
{
"url": "http://netgate.com",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://blog.brillantit.com/exploiting-pfsense-xss-command-injection-cloud-hijack/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://docs.netgate.com/downloads/pfSense-SA-25_03.webgui.asc",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.netgate.com/blog/important-security-updates-for-pfsense-plus-24.11-and-ce-2.7.2",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Release Notes"
]
}
]
}

66
CVE-2024/CVE-2024-85xx/CVE-2024-8523.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-8523",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-09-07T09:15:02.807",
"lastModified": "2024-09-09T13:03:38.303",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T15:07:51.127",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 1.2,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -120,22 +140,56 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:lmxcms:lmxcms:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.4",
"matchCriteriaId": "83E38167-F858-4A63-8C63-79336B9DFA09"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/gaorenyusi/gaorenyusi/blob/main/lmx.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.276728",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.276728",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.399916",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

63
CVE-2025/CVE-2025-13xx/CVE-2025-1378.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-1378",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-17T06:15:13.277",
"lastModified": "2025-02-17T06:15:13.277",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:37:28.747",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -120,34 +120,79 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radare:radare2:5.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "FE116081-11B9-4F5B-B0A1-62B6FAEAC449"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/radareorg/radare2/commit/c6c772d2eab692ce7ada5a4227afd50c355ad545",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/23953",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/23953#issue-2844325926",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/radareorg/radare2/milestone/86",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://vuldb.com/?ctiid.295986",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.295986",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.498499",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

74
CVE-2025/CVE-2025-19xx/CVE-2025-1925.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-1925",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-04T14:15:36.717",
"lastModified": "2025-03-04T14:15:36.717",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T15:10:37.883",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -120,26 +140,64 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:open5gs:open5gs:*:*:*:*:*:*:*:*",
"versionEndIncluding": "2.7.2",
"matchCriteriaId": "E8160C0A-E77F-487D-B5E0-C6657E80D327"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/guoweifk/BugReport/blob/main/Open5GS%20AMF%20Denial%20of%20Service%20via%20PDU%20Session%20ID%20Conflict",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/open5gs/open5gs/pull/3711",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.298513",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.298513",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.506038",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2025/CVE-2025-201xx/CVE-2025-20188.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-20188",
"sourceIdentifier": "psirt@cisco.com",
"published": "2025-05-07T18:15:38.617",
"lastModified": "2025-06-06T17:15:30.170",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:15:11.117",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,68 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F313F2EC-F3D6-4639-934C-402DDA3DA806"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.11.99sw:*:*:*:*:*:*:*",
"matchCriteriaId": "6F7C157F-5569-4072-805F-7AF598F6B56F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1BF0778B-015D-481B-BAC0-40667F3453D3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EE165207-A066-44C1-B78A-6EFD80023204"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1098FCEA-6A9F-4634-A0EF-EC55ABCCEA3E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8577AF01-F2C7-48D3-AB0B-78BD63A60029"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:cisco:ios_xe:17.14.1:*:*:*:*:*:*:*",
"matchCriteriaId": "31789E98-7C8D-4C5A-8A3F-FC9AFE9A248C"
}
]
}
]
}
],
"references": [
{
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC",
"source": "psirt@cisco.com"
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://horizon3.ai/attack-research/attack-blogs/cisco-ios-xe-wlc-arbitrary-file-upload-vulnerability-cve-2025-20188-analysis/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

28
CVE-2025/CVE-2025-214xx/CVE-2025-21489.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21489",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-01-21T21:15:13.577",
"lastModified": "2025-01-23T20:15:31.630",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:21:28.207",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:e-business_suite:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.2.3",
"versionEndIncluding": "12.2.10",
"matchCriteriaId": "0D76EBA1-1507-4365-9F9F-96537DA68119"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujan2025.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}

28
CVE-2025/CVE-2025-215xx/CVE-2025-21506.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21506",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-01-21T21:15:15.707",
"lastModified": "2025-01-22T19:15:10.643",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:21:39.560",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:e-business_suite:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.2.3",
"versionEndIncluding": "12.2.13",
"matchCriteriaId": "03EF06AB-699E-4F8E-8B6C-C4B17F3F4DC1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujan2025.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}

28
CVE-2025/CVE-2025-215xx/CVE-2025-21516.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21516",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-01-21T21:15:17.030",
"lastModified": "2025-01-22T19:15:10.880",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:22:04.620",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:e-business_suite:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.2.3",
"versionEndIncluding": "12.2.13",
"matchCriteriaId": "03EF06AB-699E-4F8E-8B6C-C4B17F3F4DC1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujan2025.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}

35
CVE-2025/CVE-2025-215xx/CVE-2025-21533.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21533",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-01-21T21:15:19.240",
"lastModified": "2025-01-22T19:15:11.927",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:22:21.003",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.0.0",
"versionEndExcluding": "7.0.24",
"matchCriteriaId": "9D32CFD8-0D55-4466-A7F4-B5FF471AE6CB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:vm_virtualbox:*:*:*:*:*:*:*:*",
"versionStartIncluding": "7.1.0",
"versionEndExcluding": "7.1.6",
"matchCriteriaId": "38DEB6E3-61A7-4998-B593-0C574B03E792"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujan2025.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}

31
CVE-2025/CVE-2025-215xx/CVE-2025-21535.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21535",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-01-21T21:15:19.477",
"lastModified": "2025-01-22T19:15:12.150",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:22:32.057",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,35 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujan2025.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}

28
CVE-2025/CVE-2025-215xx/CVE-2025-21541.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21541",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-01-21T21:15:20.287",
"lastModified": "2025-01-22T19:15:12.827",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:23:31.587",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:workflow:*:*:*:*:*:*:*:*",
"versionStartIncluding": "12.2.3",
"versionEndIncluding": "12.2.14",
"matchCriteriaId": "B8EDFF6B-489B-48D0-8B48-B3E8F9FBCD7C"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujan2025.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}

41
CVE-2025/CVE-2025-215xx/CVE-2025-21547.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21547",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-01-21T21:15:21.110",
"lastModified": "2025-03-18T19:15:47.860",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:24:44.480",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:hospitality_opera_5:5.6.19.20:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C43706-08BB-497C-BACD-29F02114C9A1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:hospitality_opera_5:5.6.25.8:*:*:*:*:*:*:*",
"matchCriteriaId": "462CD9C3-D903-4433-8537-E930BEAEE371"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:hospitality_opera_5:5.6.26.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C5550B1-E8E4-4898-A629-FCAADC8865F1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:hospitality_opera_5:5.6.27.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9D7B16-41B5-46DF-B889-861EF34B4B37"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujan2025.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}

26
CVE-2025/CVE-2025-215xx/CVE-2025-21549.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21549",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-01-21T21:15:21.377",
"lastModified": "2025-03-13T19:15:51.240",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:24:53.057",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,30 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujan2025.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}

36
CVE-2025/CVE-2025-215xx/CVE-2025-21550.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-21550",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2025-01-21T21:15:21.510",
"lastModified": "2025-03-13T15:15:51.980",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:25:05.683",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3BBB9F8E-7374-4426-A269-FB669644538F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "C28D8453-2E02-43C3-8998-8B694F4B7505"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:8.1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "49BE74EB-7D30-47FF-B1BD-21A57CD091B1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpujan2025.html",
"source": "secalert_us@oracle.com"
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}

82
CVE-2025/CVE-2025-21xx/CVE-2025-2171.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-2171",
"sourceIdentifier": "mandiant-cve@google.com",
"published": "2025-06-23T14:15:26.437",
"lastModified": "2025-06-23T14:15:26.437",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 do not enforce rate limiting on password reset attempts, allowing adversaries to brute force guess the 6-digit password reset PIN"
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "mandiant-cve@google.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "mandiant-cve@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-307"
}
]
}
],
"references": [
{
"url": "https://cloud.google.com/blog/topics/threat-intelligence/remote-code-execution-aviatrix-controller",
"source": "mandiant-cve@google.com"
},
{
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2025/MNDT-2025-0003.md",
"source": "mandiant-cve@google.com"
}
]
}

82
CVE-2025/CVE-2025-21xx/CVE-2025-2172.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-2172",
"sourceIdentifier": "mandiant-cve@google.com",
"published": "2025-06-23T14:15:26.607",
"lastModified": "2025-06-23T14:15:26.607",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input prior to passing the input to command line utilities, allowing command injection via special characters in filenames"
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "mandiant-cve@google.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "mandiant-cve@google.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"references": [
{
"url": "https://cloud.google.com/blog/topics/threat-intelligence/remote-code-execution-aviatrix-controller",
"source": "mandiant-cve@google.com"
},
{
"url": "https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2025/MNDT-2025-0004.md",
"source": "mandiant-cve@google.com"
}
]
}

51
CVE-2025/CVE-2025-23xx/CVE-2025-2357.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2357",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-03-17T02:15:13.583",
"lastModified": "2025-03-17T02:15:13.583",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T15:11:50.187",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -120,26 +120,63 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:offis:dcmtk:3.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "16BC1718-C1CE-4CCF-AF01-4C922B664B2F"
}
]
}
]
}
],
"references": [
{
"url": "https://support.dcmtk.org/redmine/issues/1155",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://support.dcmtk.org/redmine/issues/1155?tab=history#note-1",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.299824",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.299824",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.513692",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

46
CVE-2025/CVE-2025-25xx/CVE-2025-2558.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-2558",
"sourceIdentifier": "contact@wpscan.com",
"published": "2025-04-24T06:15:45.800",
"lastModified": "2025-04-29T13:52:47.470",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T15:17:34.443",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -39,14 +39,52 @@
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:the_wound_project:the_wound:*:*:*:*:*:wordpress:*:*",
"versionEndIncluding": "0.0.1",
"matchCriteriaId": "1B939288-6C53-42EE-B321-4981EC090C42"
}
]
}
]
}
],
"references": [
{
"url": "https://wpscan.com/vulnerability/6a8e1c89-a01d-4347-91fc-ba454784b153/",
"source": "contact@wpscan.com"
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://wpscan.com/vulnerability/6a8e1c89-a01d-4347-91fc-ba454784b153/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

35
CVE-2025/CVE-2025-275xx/CVE-2025-27531.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-27531",
"sourceIdentifier": "security@apache.org",
"published": "2025-06-06T15:15:23.883",
"lastModified": "2025-06-10T16:15:36.583",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T14:24:00.320",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,41 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:apache:inlong:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.13.0",
"versionEndExcluding": "2.1.0",
"matchCriteriaId": "834EF91B-E4A3-45F8-9D09-8252C82B2F9D"
}
]
}
]
}
],
"references": [
{
"url": "https://lists.apache.org/thread/r62lkqrr739wvcb60j6ql6q63rh4bxx5",
"source": "security@apache.org"
"source": "security@apache.org",
"tags": [
"Vendor Advisory",
"Mailing List"
]
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/02/28/2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Vendor Advisory"
]
}
]
}

45
CVE-2025/CVE-2025-283xx/CVE-2025-28386.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-28386",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-13T14:15:20.713",
"lastModified": "2025-06-17T19:15:26.943",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T14:06:04.657",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,53 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openc3:cosmos:6.0.0:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "9690AE92-0F94-4490-9F63-5AA20ED6E609"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:openc3:cosmos:6.0.0:*:*:*:open_source:*:*:*",
"matchCriteriaId": "7248EE06-0D64-4126-8FF4-E22F7E071753"
}
]
}
]
}
],
"references": [
{
"url": "https://openc3.com/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://visionspace.com/openc3-cosmos-a-security-assessment-of-an-open-source-mission-framework/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://visionspace.com/openc3-cosmos-a-security-assessment-of-an-open-source-mission-framework/",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
]
}
]
}

24
CVE-2025/CVE-2025-328xx/CVE-2025-32875.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-32875",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-20T14:15:27.730",
"lastModified": "2025-06-20T15:15:19.713",
"lastModified": "2025-06-23T15:15:27.400",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the COROS application through 3.8.12 for Android. Bluetooth pairing and bonding is neither initiated nor enforced by the application itself. Also, the watch does not enforce pairing and bonding. As a result, any data transmitted via BLE remains unencrypted, allowing attackers within Bluetooth range to eavesdrop on the communication. Furthermore, even if a user manually initiates pairing and bonding in the Android settings, the application continues to transmit data without requiring the watch to be bonded. This fallback behavior enables attackers to exploit the communication, for example, by conducting an active machine-in-the-middle attack."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en la aplicaci\u00f3n COROS hasta la versi\u00f3n 3.8.12 para Android. El emparejamiento y la vinculaci\u00f3n Bluetooth no se inician ni se aplican por la propia aplicaci\u00f3n. Adem\u00e1s, el reloj no aplica el emparejamiento y la vinculaci\u00f3n. Como resultado, los datos transmitidos mediante BLE permanecen sin cifrar, lo que permite a los atacantes dentro del alcance de Bluetooth interceptar la comunicaci\u00f3n. Adem\u00e1s, incluso si un usuario inicia manualmente el emparejamiento y la vinculaci\u00f3n en la configuraci\u00f3n de Android, la aplicaci\u00f3n contin\u00faa transmitiendo datos sin necesidad de vincular el reloj. Este comportamiento de respaldo permite a los atacantes explotar la comunicaci\u00f3n, por ejemplo, mediante un ataque de m\u00e1quina en el medio (MAI)."
}
],
"metrics": {
@ -18,20 +22,20 @@
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
"exploitabilityScore": 2.1,
"impactScore": 3.6
}
]
},

45
CVE-2025/CVE-2025-40xx/CVE-2025-4043.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-4043",
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"published": "2025-05-07T21:16:04.643",
"lastModified": "2025-05-08T16:15:28.283",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T15:02:15.940",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -105,14 +105,51 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:milesight:ug65-868m-ea_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "60.0.0.46",
"matchCriteriaId": "F0FBC40D-47AB-4D0C-AA3F-674D7FB5DD69"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:milesight:ug65-868m-ea:-:*:*:*:*:*:*:*",
"matchCriteriaId": "60AEB147-CFDB-424E-8914-DDBBFDACDF72"
}
]
}
]
}
],
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-126-02",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
]
},
{
"url": "https://www.milesight.com/iot/resources/download-center/#firmware-ug65",
"source": "ics-cert@hq.dhs.gov"
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Release Notes"
]
}
]
}

62
CVE-2025/CVE-2025-41xx/CVE-2025-4135.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-4135",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-30T18:15:48.400",
"lastModified": "2025-05-02T13:53:40.163",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T15:13:00.287",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -124,26 +124,74 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:wg302v2_firmware:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.2.9",
"matchCriteriaId": "03E6FF23-0662-40D5-A414-125A33845001"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:wg302v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "55487992-36DA-45AB-8D58-E440D98E116D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_WG302v2/Command_injection-basic_settings_handler-static-ip-update/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.306626",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.306626",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.560779",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.netgear.com/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}

61
CVE-2025/CVE-2025-41xx/CVE-2025-4139.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-4139",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-04-30T21:15:55.003",
"lastModified": "2025-05-02T13:53:40.163",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T15:13:27.283",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -124,26 +124,73 @@
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:netgear:ex6120_firmware:1.0.0.68:*:*:*:*:*:*:*",
"matchCriteriaId": "0DA3026E-B60B-4B18-B41A-71F35713C67D"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:netgear:ex6120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8C6DFDB6-1D7A-459A-8D30-FD4900ED718B"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/jylsec/vuldb/blob/main/Netgear/netgear_ex6120/Buffer_overflow-fwAcosCgiInbound-port_end/README.md",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://vuldb.com/?ctiid.306631",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.306631",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.560785",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.netgear.com/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Product"
]
}
]
}

40
CVE-2025/CVE-2025-450xx/CVE-2025-45001.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-45001",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-09T17:15:29.157",
"lastModified": "2025-06-12T16:06:47.857",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T14:18:43.410",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,48 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:numan:react-native-keys:0.7.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C28ED9CD-FA1A-4DB8-9877-CF717ACEC6D2"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/ch3tanbug/44aedff79dd5d2d6beadbffcd01e0de5",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://github.com/ch3tanbug/vulnerability-research/tree/main/CVE-2025-45001",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://gist.github.com/ch3tanbug/44aedff79dd5d2d6beadbffcd01e0de5",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Mitigation",
"Third Party Advisory"
]
}
]
}

34
CVE-2025/CVE-2025-450xx/CVE-2025-45002.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-45002",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-09T17:15:29.450",
"lastModified": "2025-06-12T16:06:47.857",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T14:15:58.093",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,14 +51,40 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:codervivek:vigybag:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.0",
"matchCriteriaId": "AA62C4F9-303D-463B-A471-06B720A03E6D"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/ch3tanbug/vulnerability-research/tree/main/CVE-2025-45002",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/ch3tanbug/vulnerability-research/tree/main/CVE-2025-45002",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

37
CVE-2025/CVE-2025-458xx/CVE-2025-45855.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-45855",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-03T14:15:48.750",
"lastModified": "2025-06-04T14:54:33.783",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T14:25:39.560",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,18 +51,45 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:erupt:erupt:*:*:*:*:*:*:*:*",
"versionEndIncluding": "1.12.19",
"matchCriteriaId": "70AF82F0-ADCA-4719-B2B3-21DCE99B8423"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/Cafe-Tea/b72d442be434e1dafe7810c938892b06",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/erupts/erupt",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.erupt.xyz/#%21/",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Product"
]
}
]
}

33
CVE-2025/CVE-2025-460xx/CVE-2025-46096.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-46096",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-13T13:15:21.710",
"lastModified": "2025-06-16T12:32:18.840",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T14:08:37.750",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -55,14 +55,39 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:noear:solon:3.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8B8D350B-B51B-48B9-A7CF-A2D9371C1ED6"
}
]
}
]
}
],
"references": [
{
"url": "https://gist.github.com/yaoyao-cool/1b7d80930fea88b6fd4839646cedc437",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://github.com/opensolon/solon/issues/357",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
]
}
]
}

21
CVE-2025/CVE-2025-461xx/CVE-2025-46101.json Normal file
View File

@ -0,0 +1,21 @@
{
"id": "CVE-2025-46101",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-23T15:15:27.793",
"lastModified": "2025-06-23T15:15:27.793",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL Injection vulnerability in Beakon Software Beakon Learning Management System Sharable Content Object Reference Model (SCORM) version before 5.4.3 allows a remote attacker to obtain sensitive information via the ks parameter in json_scorm.php file"
}
],
"metrics": {},
"references": [
{
"url": "https://packetstorm.news/files/id/200942/",
"source": "cve@mitre.org"
}
]
}

75
CVE-2025/CVE-2025-467xx/CVE-2025-46721.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-46721",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-05-13T16:15:31.750",
"lastModified": "2025-05-13T20:15:30.217",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T14:55:07.967",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7
}
]
},
"weaknesses": [
@ -73,30 +95,67 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:nosurf_project:nosurf:*:*:*:*:*:go:*:*",
"versionEndExcluding": "1.2.0",
"matchCriteriaId": "C2513CBF-78BE-420F-9448-6C4226E36EC9"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/advisories/GHSA-rq77-p4h8-4crw",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Not Applicable"
]
},
{
"url": "https://github.com/justinas/nosurf-cve-2025-46721",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://github.com/justinas/nosurf/commit/ec9bb776d8e5ba9e906b6eb70428f4e7b009feee",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/justinas/nosurf/releases/tag/v1.2.0",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://github.com/justinas/nosurf/security/advisories/GHSA-w9hf-35q4-vcjw",
"source": "security-advisories@github.com"
"source": "security-advisories@github.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://github.com/advisories/GHSA-rq77-p4h8-4crw",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Not Applicable"
]
}
]
}

70
CVE-2025/CVE-2025-47xx/CVE-2025-4727.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-4727",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-15T23:15:59.470",
"lastModified": "2025-05-16T14:42:18.700",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T15:14:50.350",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -124,38 +124,88 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:meteor:meteor:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.2.2",
"matchCriteriaId": "DB308F33-2847-44F3-9B14-657579A39E3C"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/meteor/meteor/commit/f7ea6817b90952baaea9baace2a3b4366fee6a63",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch",
"Issue Tracking"
]
},
{
"url": "https://github.com/meteor/meteor/issues/13713",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://github.com/meteor/meteor/pull/13721",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Patch"
]
},
{
"url": "https://github.com/meteor/meteor/releases/tag/release/METEOR%403.2.2",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Release Notes"
]
},
{
"url": "https://vuldb.com/?ctiid.309029",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.309029",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.570441",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.570441",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
}
]
}

66
CVE-2025/CVE-2025-47xx/CVE-2025-4792.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-4792",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-16T18:16:11.280",
"lastModified": "2025-05-19T13:35:20.460",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:51:36.113",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -124,22 +144,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C3D4BD-07C8-4E11-8B6C-6CBBA66F0725"
}
]
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-fb7e880a8c21bdec1f4d3953a2c57bcc582b95ffc83513c7d709f45c15d60504.txt",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.309101",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.309101",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.572481",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

29
CVE-2025/CVE-2025-487xx/CVE-2025-48700.json Normal file
View File

@ -0,0 +1,29 @@
{
"id": "CVE-2025-48700",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-23T15:15:27.930",
"lastModified": "2025-06-23T15:15:27.930",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 and 10.0 and 10.1. A Cross-Site Scripting (XSS) vulnerability in the Zimbra Classic UI allows attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to sensitive information. This issue arises from insufficient sanitization of HTML content, specifically involving crafted tag structures and attribute values that include an @import directive and other script injection vectors. The vulnerability is triggered when a user views a crafted e-mail message in the Classic UI, requiring no additional user interaction."
}
],
"metrics": {},
"references": [
{
"url": "https://wiki.zimbra.com/wiki/Security_Center",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy",
"source": "cve@mitre.org"
},
{
"url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories",
"source": "cve@mitre.org"
}
]
}

43
CVE-2025/CVE-2025-487xx/CVE-2025-48705.json
View File

@ -2,16 +2,55 @@
"id": "CVE-2025-48705",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-20T14:15:29.633",
"lastModified": "2025-06-20T14:15:29.633",
"lastModified": "2025-06-23T15:15:28.067",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in COROS PACE 3 through 3.0808.0. Due to a NULL pointer dereference vulnerability, sending a crafted BLE message forces the device to reboot."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en COROS PACE 3 a 3.0808.0. Debido a una vulnerabilidad de desreferencia de puntero nulo, el env\u00edo de un mensaje BLE manipulado obliga al dispositivo a reiniciarse."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"metrics": {},
"references": [
{
"url": "https://syss.de",

27
CVE-2025/CVE-2025-487xx/CVE-2025-48748.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-48748",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-05-29T15:15:34.137",
"lastModified": "2025-05-30T16:31:03.107",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:37:52.580",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -51,10 +51,31 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:netwrix:directory_manager:*:*:*:*:*:*:*:*",
"versionEndIncluding": "10.0.7784.0",
"matchCriteriaId": "6C6CC058-AF99-4612-A710-D1B370E6E20A"
}
]
}
]
}
],
"references": [
{
"url": "https://community.netwrix.com/t/adv-2025-013-hard-coded-password-in-netwrix-directory-manager-formerly-imanami-groupid-v10-and-earlier/13945",
"source": "cve@mitre.org"
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
}
]
}

50
CVE-2025/CVE-2025-490xx/CVE-2025-49080.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-49080",
"sourceIdentifier": "SecurityResponse@netmotionsoftware.com",
"published": "2025-06-12T17:15:29.193",
"lastModified": "2025-06-17T19:15:32.847",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T14:09:31.560",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -59,6 +59,28 @@
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
@ -73,10 +95,32 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:absolute:secure_access:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0",
"versionEndIncluding": "13.54",
"matchCriteriaId": "0FBA6CCF-7369-459B-9B71-5ADFCA00EFB1"
}
]
}
]
}
],
"references": [
{
"url": "https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2025-49080",
"source": "SecurityResponse@netmotionsoftware.com"
"source": "SecurityResponse@netmotionsoftware.com",
"tags": [
"Vendor Advisory"
]
}
]
}

66
CVE-2025/CVE-2025-50xx/CVE-2025-5049.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5049",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-21T19:16:09.937",
"lastModified": "2025-05-21T20:24:58.133",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:51:34.223",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -124,22 +144,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C3D4BD-07C8-4E11-8B6C-6CBBA66F0725"
}
]
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/e837c056f1ced605a9574541c7bf9861982bbf52ac5da3a5c5b637dbbadb49b7-exploit.txt",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.309868",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.309868",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.581278",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

66
CVE-2025/CVE-2025-50xx/CVE-2025-5050.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5050",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-21T19:16:10.147",
"lastModified": "2025-05-21T20:24:58.133",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:51:31.630",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -124,22 +144,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C3D4BD-07C8-4E11-8B6C-6CBBA66F0725"
}
]
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-bbcf0f842f1c5385430b6992995a8eb068c58dfbaae38ffb7df1d2c69041bc7c.txt",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.309869",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.309869",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.581282",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

66
CVE-2025/CVE-2025-50xx/CVE-2025-5051.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5051",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-21T20:15:33.770",
"lastModified": "2025-05-21T20:24:58.133",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:51:29.537",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -124,22 +144,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C3D4BD-07C8-4E11-8B6C-6CBBA66F0725"
}
]
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-4c025558ea74cba6eda5d8483c3d65f16de258eef4b3a5fcc50b4278c120e558.txt",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.309870",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.309870",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.581283",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

66
CVE-2025/CVE-2025-50xx/CVE-2025-5052.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5052",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-21T21:16:03.650",
"lastModified": "2025-05-23T15:55:02.040",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:51:27.970",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -124,22 +144,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C3D4BD-07C8-4E11-8B6C-6CBBA66F0725"
}
]
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-bbcf0f842f1c5385430b6992995a8eb068c58dfbaae38ffb7df1d2c69041bc7c1.txt",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.309871",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.309871",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.581284",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

66
CVE-2025/CVE-2025-50xx/CVE-2025-5075.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5075",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-22T13:15:58.467",
"lastModified": "2025-05-23T15:55:02.040",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:51:26.367",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -124,22 +144,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C3D4BD-07C8-4E11-8B6C-6CBBA66F0725"
}
]
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-5c08f30e4ae57f2e4b89fbe5a5d6c540e3c359e1e5b12a00d4a6257b1b9fc935.txt",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.309955",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.309955",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.581296",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

66
CVE-2025/CVE-2025-50xx/CVE-2025-5076.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5076",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-22T14:16:08.927",
"lastModified": "2025-05-23T15:55:02.040",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:51:24.623",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -124,22 +144,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C3D4BD-07C8-4E11-8B6C-6CBBA66F0725"
}
]
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-9829d8aeaf006c1a3474f4cbcc27d3dd30b5e2053444fd36b805b785f65b2e3e.txt",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.309956",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.309956",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.581297",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

66
CVE-2025/CVE-2025-51xx/CVE-2025-5110.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5110",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-23T14:15:30.023",
"lastModified": "2025-05-23T15:54:42.643",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:51:22.817",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -124,22 +144,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C3D4BD-07C8-4E11-8B6C-6CBBA66F0725"
}
]
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-325e5cf47259d3b511d301c84b53946fd1b78226df7291d441103ef5295f216e.txt",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.310087",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.310087",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.582957",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

66
CVE-2025/CVE-2025-51xx/CVE-2025-5111.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5111",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-23T14:15:30.207",
"lastModified": "2025-05-23T15:54:42.643",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:51:20.580",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -63,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -124,22 +144,54 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C3D4BD-07C8-4E11-8B6C-6CBBA66F0725"
}
]
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-b08607fc683b518b37423881e5ee902fdb2a7c04ac57f7ff725df240e171f5e3.txt",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.310088",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.310088",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.582958",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

16
CVE-2025/CVE-2025-525xx/CVE-2025-52542.json Normal file
View File

@ -0,0 +1,16 @@
{
"id": "CVE-2025-52542",
"sourceIdentifier": "dd59f033-460c-4b88-a075-d4d3fedb6191",
"published": "2025-06-23T14:15:26.753",
"lastModified": "2025-06-23T14:15:26.753",
"vulnStatus": "Rejected",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
}
],
"metrics": {},
"references": []
}

56
CVE-2025/CVE-2025-528xx/CVE-2025-52875.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-52875",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2025-06-23T15:15:28.260",
"lastModified": "2025-06-23T15:15:28.260",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

56
CVE-2025/CVE-2025-528xx/CVE-2025-52876.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-52876",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2025-06-23T15:15:28.447",
"lastModified": "2025-06-23T15:15:28.447",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIcon page was possible"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

56
CVE-2025/CVE-2025-528xx/CVE-2025-52877.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-52877",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2025-06-23T15:15:28.603",
"lastModified": "2025-06-23T15:15:28.603",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuildsStats page was possible"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

56
CVE-2025/CVE-2025-528xx/CVE-2025-52878.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-52878",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2025-06-23T15:15:28.770",
"lastModified": "2025-06-23T15:15:28.770",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2025.03.3 usernames were exposed to the users without proper permissions"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-862"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

56
CVE-2025/CVE-2025-528xx/CVE-2025-52879.json Normal file
View File

@ -0,0 +1,56 @@
{
"id": "CVE-2025-52879",
"sourceIdentifier": "cve@jetbrains.com",
"published": "2025-06-23T15:15:28.933",
"lastModified": "2025-06-23T15:15:28.933",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Registry integration was possible"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@jetbrains.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7
}
]
},
"weaknesses": [
{
"source": "cve@jetbrains.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://www.jetbrains.com/privacy-security/issues-fixed/",
"source": "cve@jetbrains.com"
}
]
}

14
CVE-2025/CVE-2025-529xx/CVE-2025-52937.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-52937",
"sourceIdentifier": "cve_disclosure@tech.gov.sg",
"published": "2025-06-23T10:15:27.717",
"lastModified": "2025-06-23T10:15:27.717",
"lastModified": "2025-06-23T14:15:27.203",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -57,6 +57,18 @@
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-494"
}
]
}
],
"references": [
{
"url": "https://github.com/PointCloudLibrary/pcl/commit/2f9dc390c6769fbd821fafa0e16f4707ed7c5d79",

64
CVE-2025/CVE-2025-529xx/CVE-2025-52967.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-52967",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-23T15:15:29.163",
"lastModified": "2025-06-23T15:15:29.163",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "gateway_proxy_handler in MLflow before 3.1.0 lacks gateway_path validation."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "CHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-918"
}
]
}
],
"references": [
{
"url": "https://github.com/mlflow/mlflow/issues/15944",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/mlflow/mlflow/pull/15970",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/mlflow/mlflow/releases/tag/v3.1.0",
"source": "cve@mitre.org"
}
]
}

67
CVE-2025/CVE-2025-529xx/CVE-2025-52968.json Normal file
View File

@ -0,0 +1,67 @@
{
"id": "CVE-2025-52968",
"sourceIdentifier": "cve@mitre.org",
"published": "2025-06-23T15:15:29.350",
"lastModified": "2025-06-23T15:15:29.350",
"vulnStatus": "Received",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
"tags": [
"disputed"
]
}
],
"descriptions": [
{
"lang": "en",
"value": "xdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which can facilitate CSRF. NOTE: this is disputed because integrations of xdg-open typically do not provide information about whether the xdg-open command and arguments were manually entered by a user, or whether they were the result of a navigation from content in an untrusted origin."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "cve@mitre.org",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N",
"baseScore": 2.7,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.0,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "cve@mitre.org",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-420"
}
]
}
],
"references": [
{
"url": "https://cgit.freedesktop.org/xdg/xdg-utils/tag/?h=v1.2.1",
"source": "cve@mitre.org"
},
{
"url": "https://www.openwall.com/lists/oss-security/2025/06/23/1",
"source": "cve@mitre.org"
}
]
}

81
CVE-2025/CVE-2025-53xx/CVE-2025-5330.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5330",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-29T22:15:22.747",
"lastModified": "2025-05-30T16:31:03.107",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:37:01.860",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -122,28 +142,75 @@
"value": "CWE-120"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:freefloat:freefloat_ftp_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9C3D4BD-07C8-4E11-8B6C-6CBBA66F0725"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/r3ng4f/FreeFloat_1/blob/main/01-exploit.txt",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.310503",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.310503",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.585402",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/r3ng4f/FreeFloat_1/blob/main/01-exploit.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

79
CVE-2025/CVE-2025-53xx/CVE-2025-5331.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5331",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-29T22:15:22.940",
"lastModified": "2025-05-30T16:31:03.107",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:35:13.397",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -80,6 +80,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -122,28 +142,73 @@
"value": "CWE-120"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:pcman_ftp_server_project:pcman_ftp_server:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "33ACD9B6-5E83-4D68-A829-FA67A55CA6A3"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/r3ng4f/PCMan_1/blob/main/exploit02.txt",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://vuldb.com/?ctiid.310504",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.310504",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.585404",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://github.com/r3ng4f/PCMan_1/blob/main/exploit02.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit"
]
}
]
}

62
CVE-2025/CVE-2025-56xx/CVE-2025-5641.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5641",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T07:15:23.317",
"lastModified": "2025-06-05T20:12:23.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:37:57.193",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
@ -127,34 +127,78 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radare:radare2:5.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "FE116081-11B9-4F5B-B0A1-62B6FAEAC449"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1oG5IC7qhL_SJsIHpnWp7MZlWJGYt8qWZ/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24230",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24230#issuecomment-2919612676",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.311129",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.311129",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.586909",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2025/CVE-2025-56xx/CVE-2025-5642.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5642",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T07:15:23.583",
"lastModified": "2025-06-05T20:12:23.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:38:11.337",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
@ -127,34 +127,78 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radare:radare2:5.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "FE116081-11B9-4F5B-B0A1-62B6FAEAC449"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1joXpofhKSeb3uJ034ayVuWIoJj08gm_9/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24231",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24231#issuecomment-2918848163",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.311130",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.311130",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.586910",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2025/CVE-2025-56xx/CVE-2025-5643.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5643",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T07:15:23.780",
"lastModified": "2025-06-05T20:12:23.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:38:25.483",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
@ -127,34 +127,78 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radare:radare2:5.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "FE116081-11B9-4F5B-B0A1-62B6FAEAC449"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1XsoyD7lMC-9a9Cxhld8sdEE-0PF3lxvB/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24232",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24232#issuecomment-2918841776",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.311131",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.311131",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.586912",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2025/CVE-2025-56xx/CVE-2025-5644.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5644",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T07:15:23.990",
"lastModified": "2025-06-05T20:12:23.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:38:45.623",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
@ -131,34 +131,78 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radare:radare2:5.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "FE116081-11B9-4F5B-B0A1-62B6FAEAC449"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1VtiMMp7ECun3sq3AwlqQrU9xEPA45eOz/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24233",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24233#issuecomment-2918847833",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.311132",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.311132",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.586921",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2025/CVE-2025-56xx/CVE-2025-5645.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5645",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T08:15:20.973",
"lastModified": "2025-06-05T20:12:23.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:39:01.727",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
@ -127,34 +127,78 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radare:radare2:5.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "FE116081-11B9-4F5B-B0A1-62B6FAEAC449"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1LVaraZB30lJXtrvp-4bcEJrZYFJb2bfc/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24234",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24234#issuecomment-2918847551",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.311133",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.311133",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.586922",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2025/CVE-2025-56xx/CVE-2025-5646.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5646",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T08:15:21.197",
"lastModified": "2025-06-05T20:12:23.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:40:23.430",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
@ -127,34 +127,78 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radare:radare2:5.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "FE116081-11B9-4F5B-B0A1-62B6FAEAC449"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/1PYNtV7Kx2OEgM9Cemb5FBlMJH_J1wux0/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24235",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24235#issuecomment-2918847213",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.311134",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.311134",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.586923",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

62
CVE-2025/CVE-2025-56xx/CVE-2025-5647.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5647",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T09:15:22.847",
"lastModified": "2025-06-05T20:12:23.777",
"vulnStatus": "Undergoing Analysis",
"lastModified": "2025-06-23T14:40:09.040",
"vulnStatus": "Analyzed",
"cveTags": [
{
"sourceIdentifier": "cna@vuldb.com",
@ -127,34 +127,78 @@
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:radare:radare2:5.9.9:*:*:*:*:*:*:*",
"matchCriteriaId": "FE116081-11B9-4F5B-B0A1-62B6FAEAC449"
}
]
}
]
}
],
"references": [
{
"url": "https://drive.google.com/file/d/16ApwSAKLDqm1qzJLe-uUZSCyy8HNG965/view?usp=sharing",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit"
]
},
{
"url": "https://github.com/radareorg/radare2/commit/5705d99cc1f23f36f9a84aab26d1724010b97798",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Patch"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24237",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://github.com/radareorg/radare2/issues/24237#issuecomment-2918846137",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.311135",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.311135",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.586928",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}

78
CVE-2025/CVE-2025-58xx/CVE-2025-5875.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2025-5875",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-09T12:15:21.890",
"lastModified": "2025-06-12T19:15:20.893",
"vulnStatus": "Awaiting Analysis",
"lastModified": "2025-06-23T14:21:01.890",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -122,32 +122,94 @@
"value": "CWE-120"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:tl-ipc544ep-w4_firmware:1.0.9:build240428_rel69493n:*:*:*:*:*:*",
"matchCriteriaId": "EF8F1F10-03EF-4711-B0AF-DE2BD516C785"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:tl-ipc544ep-w4:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F78FBC4D-FEFC-4CD1-8EA8-C21BF37A8370"
}
]
}
]
}
],
"references": [
{
"url": "https://locrian-lightning-dc7.notion.site/TL-IPC544EP-W4-1f98e5e2b1a280ae9862d49391d95651",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Exploit",
"Third Party Advisory"
]
},
{
"url": "https://vuldb.com/?ctiid.311634",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Permissions Required",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?id.311634",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://vuldb.com/?submit.581366",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://www.tp-link.cn/",
"source": "cna@vuldb.com"
"source": "cna@vuldb.com",
"tags": [
"Broken Link"
]
},
{
"url": "https://locrian-lightning-dc7.notion.site/TL-IPC544EP-W4-1f98e5e2b1a280ae9862d49391d95651",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Exploit",
"Third Party Advisory"
]
}
]
}

54
CVE-2025/CVE-2025-60xx/CVE-2025-6019.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-6019",
"sourceIdentifier": "secalert@redhat.com",
"published": "2025-06-19T12:15:19.727",
"lastModified": "2025-06-19T12:15:19.727",
"lastModified": "2025-06-23T14:15:27.323",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -42,7 +42,7 @@
"weaknesses": [
{
"source": "secalert@redhat.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -52,6 +52,42 @@
}
],
"references": [
{
"url": "https://access.redhat.com/errata/RHSA-2025:9320",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:9321",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:9322",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:9323",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:9324",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:9325",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:9326",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:9327",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2025:9328",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2025-6019",
"source": "secalert@redhat.com"
@ -60,6 +96,10 @@
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370051",
"source": "secalert@redhat.com"
},
{
"url": "https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt",
"source": "secalert@redhat.com"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/06/17/5",
"source": "af854a3a-2127-422b-91ae-364da2661108"
@ -75,6 +115,14 @@
{
"url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://news.ycombinator.com/item?id=44325861",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.bleepingcomputer.com/news/linux/new-linux-udisks-flaw-lets-attackers-get-root-on-major-linux-distros/",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}

14
CVE-2025/CVE-2025-63xx/CVE-2025-6368.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-6368",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-20T22:15:19.407",
"lastModified": "2025-06-20T22:15:19.407",
"lastModified": "2025-06-23T15:15:29.943",
"vulnStatus": "Received",
"cveTags": [
{
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "A vulnerability was found in D-Link DIR-619L 2.06B01. It has been rated as critical. This issue affects the function formSetEmail of the file /goform/formSetEmail. The manipulation of the argument curTime/config.smtp_email_subject leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en D-Link DIR-619L 2.06B01. Se ha clasificado como cr\u00edtica. Este problema afecta a la funci\u00f3n formSetEmail del archivo /goform/formSetEmail. La manipulaci\u00f3n del argumento curTime/config.smtp_email_subject provoca un desbordamiento del b\u00fafer en la pila. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante."
}
],
"metrics": {
@ -66,7 +70,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -114,7 +118,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -147,6 +151,10 @@
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link6/vuln_68/68.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-63xx/CVE-2025-6369.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-6369",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-20T22:15:19.613",
"lastModified": "2025-06-20T22:15:19.613",
"lastModified": "2025-06-23T15:15:30.093",
"vulnStatus": "Received",
"cveTags": [
{
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in D-Link DIR-619L 2.06B01. Affected is the function formdumpeasysetup of the file /goform/formdumpeasysetup. The manipulation of the argument curTime/config.save_network_enabled leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad cr\u00edtica en D-Link DIR-619L 2.06B01. La funci\u00f3n formdumpeasysetup del archivo /goform/formdumpeasysetup est\u00e1 afectada. La manipulaci\u00f3n del argumento curTime/config.save_network_enabled provoca un desbordamiento del b\u00fafer en la pila. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante."
}
],
"metrics": {
@ -66,7 +70,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -114,7 +118,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -147,6 +151,10 @@
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link6/vuln_69/69.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-63xx/CVE-2025-6370.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-6370",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-20T22:15:19.800",
"lastModified": "2025-06-20T22:15:19.800",
"lastModified": "2025-06-23T15:15:30.220",
"vulnStatus": "Received",
"cveTags": [
{
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "A vulnerability classified as critical was found in D-Link DIR-619L 2.06B01. Affected by this vulnerability is the function formWlanGuestSetup of the file /goform/formWlanGuestSetup. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en D-Link DIR-619L 2.06B01. Esta vulnerabilidad afecta a la funci\u00f3n formWlanGuestSetup del archivo /goform/formWlanGuestSetup. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer en la pila. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante."
}
],
"metrics": {
@ -66,7 +70,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -114,7 +118,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -147,6 +151,10 @@
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link6/vuln_70/70.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-63xx/CVE-2025-6371.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2025-6371",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-20T23:15:19.050",
"lastModified": "2025-06-20T23:15:19.050",
"lastModified": "2025-06-23T15:15:30.370",
"vulnStatus": "Received",
"cveTags": [
{
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad clasificada como cr\u00edtica en D-Link DIR-619L 2.06B01. Este problema afecta a la funci\u00f3n formSetEnableWizard del archivo /goform/formSetEnableWizard. La manipulaci\u00f3n del argumento curTime provoca un desbordamiento del b\u00fafer en la pila. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Esta vulnerabilidad solo afecta a los productos que ya no reciben soporte del fabricante."
}
],
"metrics": {
@ -66,7 +70,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -114,7 +118,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -147,6 +151,10 @@
{
"url": "https://www.dlink.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/wudipjq/my_vuln/blob/main/D-Link6/vuln_71/71.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-63xx/CVE-2025-6375.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6375",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T01:15:29.463",
"lastModified": "2025-06-21T01:15:29.463",
"lastModified": "2025-06-23T15:15:30.500",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in poco up to 1.14.1. It has been rated as problematic. Affected by this issue is the function MultipartInputStream of the file Net/src/MultipartReader.cpp. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.14.2 is able to address this issue. The patch is identified as 6f2f85913c191ab9ddfb8fae781f5d66afccf3bf. It is recommended to upgrade the affected component."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en poco hasta la versi\u00f3n 1.14.1. Se ha clasificado como problem\u00e1tica. Este problema afecta a la funci\u00f3n MultipartInputStream del archivo Net/src/MultipartReader.cpp. La manipulaci\u00f3n provoca la desreferenciaci\u00f3n de puntero nulo. El ataque debe abordarse localmente. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Actualizar a la versi\u00f3n 1.14.2 puede solucionar este problema. El parche se identifica como 6f2f85913c191ab9ddfb8fae781f5d66afccf3bf. Se recomienda actualizar el componente afectado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -148,6 +152,10 @@
{
"url": "https://vuldb.com/?submit.597446",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/pocoproject/poco/issues/4915",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-63xx/CVE-2025-6393.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6393",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T01:15:29.650",
"lastModified": "2025-06-21T01:15:29.650",
"lastModified": "2025-06-23T15:15:30.647",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in TOTOLINK A702R, A3002R, A3002RU and EX1200T 3.0.0-B20230809.1615/4.0.0-B20230531.1404/4.0.0-B20230721.1521/4.1.2cu.5232_B20210713. It has been classified as critical. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en TOTOLINK A702R, A3002R, A3002RU y EX1200T 3.0.0-B20230809.1615/4.0.0-B20230531.1404/4.0.0-B20230721.1521/4.1.2cu.5232_B20210713. Se ha clasificado como cr\u00edtica. Se ve afectada una funci\u00f3n desconocida del archivo /boafrm/formIPv6Addr del componente HTTP POST Request Handler. La manipulaci\u00f3n del argumento \"submit-url\" provoca un desbordamiento del b\u00fafer. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -156,6 +160,10 @@
{
"url": "https://www.totolink.net/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/awindog/cve/blob/main/688/15.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-63xx/CVE-2025-6394.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6394",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T02:15:20.247",
"lastModified": "2025-06-21T02:15:20.247",
"lastModified": "2025-06-23T15:15:30.777",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /add_reserve.php. The manipulation of the argument firstname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en code-projects Simple Online Hotel Reservation System 1.0. Se ha declarado cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /add_reserve.php. La manipulaci\u00f3n del argumento firstname provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Otros par\u00e1metros tambi\u00e9n podr\u00edan verse afectados."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.597662",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/aoc1997/cve/issues/1",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6403.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6403",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T10:15:22.360",
"lastModified": "2025-06-21T10:15:22.360",
"lastModified": "2025-06-23T15:15:30.903",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en code-projects School Fees Payment System 1.0. Se ha clasificado como cr\u00edtica. Este problema afecta a un procesamiento desconocido del archivo /student.php. La manipulaci\u00f3n del ID del argumento provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.597758",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/tuooo/CVE/issues/16",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6404.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6404",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T12:15:19.313",
"lastModified": "2025-06-21T12:15:19.313",
"lastModified": "2025-06-23T15:15:31.030",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Campcodes Online Teacher Record Management System 1.0. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad cr\u00edtica en Campcodes Online Teacher Record Management System 1.0. Se ve afectada una funci\u00f3n desconocida del archivo /admin/search.php. La manipulaci\u00f3n del argumento \"searchdata\" provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://www.campcodes.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/ASantsSec/CVE/issues/13",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6405.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6405",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T14:15:19.557",
"lastModified": "2025-06-21T14:15:19.557",
"lastModified": "2025-06-23T15:15:31.153",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Campcodes Online Teacher Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit-teacher-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad cr\u00edtica en Campcodes Online Teacher Record Management System 1.0. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /admin/edit-teacher-detail.php. La manipulaci\u00f3n del argumento editid provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://www.campcodes.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/ASantsSec/CVE/issues/14",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6406.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6406",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T14:15:19.777",
"lastModified": "2025-06-21T14:15:19.777",
"lastModified": "2025-06-23T15:15:31.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in Campcodes Online Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/forgot-password.php. The manipulation of the argument fullname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad clasificada como cr\u00edtica en Campcodes Online Hospital Management System 1.0. Este problema afecta a una funcionalidad desconocida del archivo /hms/forgot-password.php. La manipulaci\u00f3n del argumento fullname provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://www.campcodes.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/ASantsSec/CVE/issues/11",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6407.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6407",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T15:15:21.213",
"lastModified": "2025-06-21T15:15:21.213",
"lastModified": "2025-06-23T15:15:31.400",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. This affects an unknown part of the file /user-login.php. The manipulation of the argument Username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en Campcodes Online Hospital Management System 1.0. Esta afecta a una parte desconocida del archivo /user-login.php. La manipulaci\u00f3n del argumento \"Username\" provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://www.campcodes.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/ASantsSec/CVE/issues/12",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6408.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6408",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T15:15:21.397",
"lastModified": "2025-06-21T15:15:21.397",
"lastModified": "2025-06-23T15:15:31.527",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Campcodes Online Hospital Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /doctor/search.php. The manipulation of the argument searchdata leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad en Campcodes Online Hospital Management System 1.0, clasificada como cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /doctor/search.php. La manipulaci\u00f3n del argumento \"searchdata\" provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://www.campcodes.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/ASantsSec/CVE/issues/15",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6413.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6413",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T18:15:24.720",
"lastModified": "2025-06-21T18:15:24.720",
"lastModified": "2025-06-23T15:15:31.657",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in PHPGurukul Art Gallery Management System 1.1. This affects an unknown part of the file /admin/changeimage1.php. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad cr\u00edtica en PHPGurukul Art Gallery Management System 1.1. Esta afecta a una parte desconocida del archivo /admin/changeimage1.php. La manipulaci\u00f3n del argumento editid provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.598229",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/f1rstb100d/myCVE/issues/86",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6414.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6414",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T19:15:22.377",
"lastModified": "2025-06-21T19:15:22.377",
"lastModified": "2025-06-23T15:15:31.800",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in PHPGurukul Art Gallery Management System 1.1. This vulnerability affects unknown code of the file /admin/changeimage2.php. The manipulation of the argument editid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en PHPGurukul Art Gallery Management System 1.1. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /admin/changeimage2.php. La manipulaci\u00f3n del argumento editid provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.598230",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/f1rstb100d/myCVE/issues/87",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6415.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6415",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T19:15:22.583",
"lastModified": "2025-06-21T19:15:22.583",
"lastModified": "2025-06-23T15:15:31.930",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in PHPGurukul Art Gallery Management System 1.1. This issue affects some unknown processing of the file /admin/changeimage3.php. The manipulation of the argument editid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad clasificada como cr\u00edtica en PHPGurukul Art Gallery Management System 1.1. Este problema afecta a un procesamiento desconocido del archivo /admin/changeimage3.php. La manipulaci\u00f3n del argumento editid provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.598231",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/f1rstb100d/myCVE/issues/88",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6416.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6416",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T20:15:26.237",
"lastModified": "2025-06-21T20:15:26.237",
"lastModified": "2025-06-23T15:15:32.057",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in PHPGurukul Art Gallery Management System 1.1. Affected is an unknown function of the file /admin/changeimage4.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en PHPGurukul Art Gallery Management System 1.1. La vulnerabilidad afecta a una funci\u00f3n desconocida del archivo /admin/changeimage4.php. La manipulaci\u00f3n del argumento editid provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.598232",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/f1rstb100d/myCVE/issues/89",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6417.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6417",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T20:15:27.210",
"lastModified": "2025-06-21T20:15:27.210",
"lastModified": "2025-06-23T15:15:32.183",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in PHPGurukul Art Gallery Management System 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-artist.php. The manipulation of the argument awarddetails leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad en PHPGurukul Art Gallery Management System 1.1, clasificada como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /admin/add-artist.php. La manipulaci\u00f3n del argumento awarddetails provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.598233",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/f1rstb100d/myCVE/issues/90",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6418.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6418",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T21:15:23.713",
"lastModified": "2025-06-21T21:15:23.713",
"lastModified": "2025-06-23T15:15:32.307",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit_query_account.php. The manipulation of the argument Name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en code-projects Simple Online Hotel Reservation System 1.0, clasificada como cr\u00edtica. Este problema afecta a una funcionalidad desconocida del archivo /admin/edit_query_account.php. La manipulaci\u00f3n del argumento \"Name\" provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.598243",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/zzb1388/cve/issues/4",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6419.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6419",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T21:15:24.453",
"lastModified": "2025-06-21T21:15:24.453",
"lastModified": "2025-06-23T15:15:32.433",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/edit_room.php. The manipulation of the argument room_type leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en code-projects Simple Online Hotel Reservation System 1.0. Se ha clasificado como cr\u00edtica. Afecta una parte desconocida del archivo /admin/edit_room.php. La manipulaci\u00f3n del argumento \"room_type\" provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.598245",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/zzb1388/cve/issues/5",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6420.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6420",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T22:15:21.687",
"lastModified": "2025-06-21T22:15:21.687",
"lastModified": "2025-06-23T15:15:32.560",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add_room.php. The manipulation of the argument room_type leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en code-projects Simple Online Hotel Reservation System 1.0. Se ha declarado cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /admin/add_room.php. La manipulaci\u00f3n del argumento \"room_type\" provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.598246",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/zzb1388/cve/issues/6",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6421.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6421",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-21T22:15:21.870",
"lastModified": "2025-06-21T22:15:21.870",
"lastModified": "2025-06-23T15:15:32.680",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/add_account.php. The manipulation of the argument name/admin_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en code-projects Simple Online Hotel Reservation System 1.0. Se ha clasificado como cr\u00edtica. Este problema afecta a un procesamiento desconocido del archivo /admin/add_account.php. La manipulaci\u00f3n del argumento name/admin_id provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -144,6 +148,10 @@
{
"url": "https://vuldb.com/?submit.598584",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/zzb1388/cve/issues/7",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6452.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6452",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-22T03:15:30.703",
"lastModified": "2025-06-22T03:15:30.703",
"lastModified": "2025-06-23T15:15:32.813",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in CodeAstro Patient Record Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Generate New Report Page. The manipulation of the argument Patient Name/Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad en CodeAstro Patient Record Management System 1.0. Se ha clasificado como problem\u00e1tica. Este problema afecta a un procesamiento desconocido del componente Generate New Report Page. La manipulaci\u00f3n del argumento \"Patient Name/Name\" provoca Cross-Site Scripting. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -144,6 +148,10 @@
{
"url": "https://vuldb.com/?submit.598711",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/Vanshdhawan188/CodeAstro-Online-Healthcare-Patient-Record-Management-System/blob/main/CodeAstro-Online-Healthcare-Patient-Record-Management-System.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6453.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6453",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-22T03:15:31.490",
"lastModified": "2025-06-22T03:15:31.490",
"lastModified": "2025-06-23T15:15:32.937",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in diyhi bbs 6.8. Affected is the function Add of the file /src/main/java/cms/web/action/template/ForumManageAction.java of the component API. The manipulation of the argument dirName leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha detectado una vulnerabilidad cr\u00edtica en diyhi bbs 6.8. La funci\u00f3n \"Add\" del archivo /src/main/java/cms/web/action/template/ForumManageAction.java de la API del componente se ve afectada. La manipulaci\u00f3n del argumento dirName provoca un path traversal. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -136,6 +140,10 @@
{
"url": "https://vuldb.com/?submit.598862",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250618-01.md",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

14
CVE-2025/CVE-2025-64xx/CVE-2025-6455.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2025-6455",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-22T03:15:31.667",
"lastModified": "2025-06-22T03:15:31.667",
"lastModified": "2025-06-23T15:15:33.073",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in code-projects Online Hotel Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file /messageexec.php. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad clasificada como cr\u00edtica en code-projects Online Hotel Reservation System 1.0. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /messageexec.php. La manipulaci\u00f3n del argumento \"Name\" provoca una inyecci\u00f3n SQL. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado."
}
],
"metrics": {
@ -59,7 +63,7 @@
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
@ -107,7 +111,7 @@
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
@ -140,6 +144,10 @@
{
"url": "https://vuldb.com/?submit.598876",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/blueandhack/cve/issues/3",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

Some files were not shown because too many files have changed in this diff Show More