Auto-Update: 2025-06-19T22:00:29.405379+00:00

cad-safe-bot 2025-06-19 22:04:06 +00:00
parent d70a0c61d7
commit 20ed916944
11 changed files with 818 additions and 49 deletions


@ -2,7 +2,7 @@
"id": "CVE-2023-25718",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-13T20:15:11.040",
"lastModified": "2025-06-18T22:15:31.953",
"lastModified": "2025-06-19T21:15:22.163",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -81,21 +81,10 @@
"url": "https://m.youtube.com/watch?v=fbNVUgmstSc&pp=0gcJCf0Ao7VqN5tD",
"source": "cve@mitre.org"
},
{
"url": "https://www.connectwise.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.connectwise.com/blog/cybersecurity/the-importance-of-responsible-security-disclosures",
"source": "cve@mitre.org"
},
{
"url": "https://www.huntress.com/blog/clearing-the-air-overblown-claims-of-vulnerabilities-exploits-severity",
"source": "cve@mitre.org"
},
{
"url": "https://cybir.com/2022/cve/connectwise-control-dns-spoofing-poc/",
"source": "af854a3a-2127-422b-91ae-364da2661108",


@ -2,7 +2,7 @@
"id": "CVE-2023-25719",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-02-13T20:15:11.110",
"lastModified": "2025-06-18T22:15:32.900",
"lastModified": "2025-06-19T21:15:22.433",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -112,21 +112,10 @@
"url": "https://m.youtube.com/watch?v=fbNVUgmstSc&pp=0gcJCf0Ao7VqN5tD",
"source": "cve@mitre.org"
},
{
"url": "https://www.connectwise.com",
"source": "cve@mitre.org",
"tags": [
"Product"
]
},
{
"url": "https://www.connectwise.com/blog/cybersecurity/the-importance-of-responsible-security-disclosures",
"source": "cve@mitre.org"
},
{
"url": "https://www.huntress.com/blog/clearing-the-air-overblown-claims-of-vulnerabilities-exploits-severity",
"source": "cve@mitre.org"
},
{
"url": "https://cybir.com/2022/cve/hijacking-connectwise-control-and-ddos/",
"source": "af854a3a-2127-422b-91ae-364da2661108",


@ -2,13 +2,13 @@
"id": "CVE-2025-33053",
"sourceIdentifier": "secure@microsoft.com",
"published": "2025-06-10T17:22:18.853",
"lastModified": "2025-06-12T14:51:07.700",
"vulnStatus": "Analyzed",
"lastModified": "2025-06-19T21:15:24.103",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "External control of file name or path in WebDAV allows an unauthorized attacker to execute code over a network."
"value": "External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network."
},
{
"lang": "es",


@ -0,0 +1,145 @@
{
"id": "CVE-2025-6275",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-19T20:15:24.710",
"lastModified": "2025-06-19T20:15:24.710",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been declared as problematic. Affected by this vulnerability is the function GetFuncOffset of the file src/interp/binary-reader-interp.cc. The manipulation leads to use after free. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. A similar issue reported during the same timeframe was disputed by the code maintainer because it might not affect \"real world wasm programs\". Therefore, this entry might get disputed as well in the future."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"baseScore": 3.3,
"baseSeverity": "LOW",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P",
"baseScore": 1.7,
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "LOW",
"exploitabilityScore": 3.1,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://github.com/WebAssembly/wabt/issues/2614",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/user-attachments/files/20623626/wabt_crash_5.txt",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.313279",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.313279",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.593017",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,141 @@
{
"id": "CVE-2025-6276",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-19T20:15:25.467",
"lastModified": "2025-06-19T20:15:25.467",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Brilliance Golden Link Secondary System up to 20250609. It has been rated as critical. Affected by this issue is some unknown functionality of the file /storagework/rentTakeInfoPage.htm. The manipulation of the argument custTradeName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/eeeeeekkkkkkkk/POC/blob/main/%E9%BB%84%E9%87%91%E9%80%9A%E4%BA%8C%E7%BA%A7%E7%B3%BB%E7%BB%9F%E4%B8%89%E4%BB%A3%E7%AE%A1%E7%90%86%E7%AB%AF%E7%B3%BB%E7%BB%9FrentTakeInfoPage%E6%8E%A5%E5%8F%A3%E5%AD%98%E5%9C%A8SQL%E6%B3%A8%E5%85%A5.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.313280",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.313280",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.593067",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,141 @@
{
"id": "CVE-2025-6277",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-19T21:15:26.837",
"lastModified": "2025-06-19T21:15:26.837",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Brilliance Golden Link Secondary System up to 20250609. This affects an unknown part of the file /storagework/custTakeInfoPage.htm. The manipulation of the argument custTradeName leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/eeeeeekkkkkkkk/POC/blob/main/%E9%BB%84%E9%87%91%E9%80%9A%E4%BA%8C%E7%BA%A7%E7%B3%BB%E7%BB%9F%E4%B8%89%E4%BB%A3%E7%AE%A1%E7%90%86%E7%AB%AF%E7%B3%BB%E7%BB%9FcustTakeInfoPage%E6%8E%A5%E5%8F%A3%E5%AD%98%E5%9C%A8SQL%E6%B3%A8%E5%85%A5.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.313281",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.313281",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.593074",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,137 @@
{
"id": "CVE-2025-6278",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-19T21:15:27.017",
"lastModified": "2025-06-19T21:15:27.017",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Upsonic up to 0.55.6. This vulnerability affects the function os.path.join of the file markdown/server.py. The manipulation of the argument file.filename leads to path traversal. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 5.2,
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://github.com/Upsonic/Upsonic/issues/356",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.313282",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.313282",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.593096",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,141 @@
{
"id": "CVE-2025-6279",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-19T21:15:27.203",
"lastModified": "2025-06-19T21:15:27.203",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in Upsonic up to 0.55.6. This issue affects the function cloudpickle.loads of the file /tools/add_tool of the component Pickle Handler. The manipulation leads to deserialization. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "ADJACENT_NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 5.2,
"accessVector": "ADJACENT_NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 5.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://github.com/Upsonic/Upsonic/issues/353",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.313283",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.313283",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.593099",
"source": "cna@vuldb.com"
}
]
}


@ -0,0 +1,78 @@
{
"id": "CVE-2025-6384",
"sourceIdentifier": "security@craftersoftware.com",
"published": "2025-06-19T21:15:27.390",
"lastModified": "2025-06-19T21:15:27.390",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.\n\nBy inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution).\n\nThis issue affects CrafterCMS: from 4.0.0 through 4.2.2."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security@craftersoftware.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security@craftersoftware.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-913"
}
]
}
],
"references": [
{
"url": "https://docs.craftercms.org/current/security/advisory.html#cv-2025061901",
"source": "security@craftersoftware.com"
}
]
}


@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-06-19T20:00:19.710282+00:00
2025-06-19T22:00:29.405379+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-06-19T19:15:22.710000+00:00
2025-06-19T21:15:27.390000+00:00
```
### Last Data Feed Release
@ -33,26 +33,28 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
298721
298727
```
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `6`
- [CVE-2025-33117](CVE-2025/CVE-2025-331xx/CVE-2025-33117.json) (`2025-06-19T18:15:21.280`)
- [CVE-2025-33121](CVE-2025/CVE-2025-331xx/CVE-2025-33121.json) (`2025-06-19T18:15:21.470`)
- [CVE-2025-36050](CVE-2025/CVE-2025-360xx/CVE-2025-36050.json) (`2025-06-19T18:15:21.630`)
- [CVE-2025-6271](CVE-2025/CVE-2025-62xx/CVE-2025-6271.json) (`2025-06-19T18:15:21.823`)
- [CVE-2025-6272](CVE-2025/CVE-2025-62xx/CVE-2025-6272.json) (`2025-06-19T18:15:22.000`)
- [CVE-2025-6273](CVE-2025/CVE-2025-62xx/CVE-2025-6273.json) (`2025-06-19T19:15:21.800`)
- [CVE-2025-6274](CVE-2025/CVE-2025-62xx/CVE-2025-6274.json) (`2025-06-19T19:15:22.710`)
- [CVE-2025-6275](CVE-2025/CVE-2025-62xx/CVE-2025-6275.json) (`2025-06-19T20:15:24.710`)
- [CVE-2025-6276](CVE-2025/CVE-2025-62xx/CVE-2025-6276.json) (`2025-06-19T20:15:25.467`)
- [CVE-2025-6277](CVE-2025/CVE-2025-62xx/CVE-2025-6277.json) (`2025-06-19T21:15:26.837`)
- [CVE-2025-6278](CVE-2025/CVE-2025-62xx/CVE-2025-6278.json) (`2025-06-19T21:15:27.017`)
- [CVE-2025-6279](CVE-2025/CVE-2025-62xx/CVE-2025-6279.json) (`2025-06-19T21:15:27.203`)
- [CVE-2025-6384](CVE-2025/CVE-2025-63xx/CVE-2025-6384.json) (`2025-06-19T21:15:27.390`)
### CVEs modified in the last Commit
Recently modified CVEs: `0`
Recently modified CVEs: `3`
- [CVE-2023-25718](CVE-2023/CVE-2023-257xx/CVE-2023-25718.json) (`2025-06-19T21:15:22.163`)
- [CVE-2023-25719](CVE-2023/CVE-2023-257xx/CVE-2023-25719.json) (`2025-06-19T21:15:22.433`)
- [CVE-2025-33053](CVE-2025/CVE-2025-330xx/CVE-2025-33053.json) (`2025-06-19T21:15:24.103`)
## Download and Usage


@ -221430,8 +221430,8 @@ CVE-2023-25714,0,0,30d1b3b8c2658a5d809246d435c81ddf2f9287a1f5b188d50271eb4a0e433
CVE-2023-25715,0,0,6d88ef667b64c52873b9245db5fa7fe78e16f2c79bc517d1f15a2686934c9956,2024-11-21T07:49:59.500000
CVE-2023-25716,0,0,6a68a371fb70c98c3f42445bc57863f0a9fc317dbcca5e2cf2d7a9605735c149,2024-11-21T07:49:59.620000
CVE-2023-25717,0,0,7ab45047ae291b9110620bf824e69b193b7f478cc5e4114d5ea36a12a4b0fe42,2025-03-10T20:48:20.863000
CVE-2023-25718,0,0,cc8356e68a532592d775c24c87006dd197f0d5fa235dcf5d5a5430114eb11a09,2025-06-18T22:15:31.953000
CVE-2023-25719,0,0,fc4f39771edda78244556047b067a46288412298b1ca6924e0ff9d3be74cad0f,2025-06-18T22:15:32.900000
CVE-2023-25718,0,1,799c811b5192f3a5706f8477255a806a88330fb46379780991bbe627900e34f4,2025-06-19T21:15:22.163000
CVE-2023-25719,0,1,bfcf6536c938eb374b29276ddca6cb8dd254ba76edf8acb6a7a646b4a24dba39,2025-06-19T21:15:22.433000
CVE-2023-2572,0,0,ed886a16c7f1007ac7399c56e87342873576f715bc1e7094b3db9028c0821f2a,2025-01-08T17:15:11.603000
CVE-2023-25721,0,0,f81320c364560d2364a1f3ba19d0330f029ea11a50a94d0f9f6b4ead68d21d31,2025-02-19T19:15:13.430000
CVE-2023-25722,0,0,bca76e3911d579e248d877cdd35275de0ae46411c20589fc7ce57e1a3e928a08,2025-02-19T19:15:13.617000
@ -293492,7 +293492,7 @@ CVE-2025-33043,0,0,044f6c7834f7eed1d82fb6b8377e155f5c1ae51cb36f952b6bba03be184e2
CVE-2025-3305,0,0,caed50d99616da9f2a70f5ff8ff690cbc48b6002cca415c3290f8e367603d490,2025-04-08T16:46:55.203000
CVE-2025-33050,0,0,e156cb367be4771501f8d46050ac0ab3c4178892926d8dc8a607e2c1f3f8c45c,2025-06-12T16:06:39.330000
CVE-2025-33052,0,0,79d6261dc5415dedb0ab47eb4499fcc0a99e2b5ae668d773ee1583b99bbd94c8,2025-06-12T16:06:39.330000
CVE-2025-33053,0,0,e3d97ab73d87c004d23d2f47a5c978681ea0e30e6921bcc173a9b4acf8a35208,2025-06-12T14:51:07.700000
CVE-2025-33053,0,1,7d1e712ca899fe00e9ede86d4b0db539fdac1baab66a03d1b6f21c40ac8ef447,2025-06-19T21:15:24.103000
CVE-2025-33055,0,0,2a92055aba8ed205096c58d7212065a236a7d2bb1a94578c68d5117adf2877b3,2025-06-12T16:06:39.330000
CVE-2025-33056,0,0,6e7cda26b69eb107ce9e61e0b9dd0be48de829fb147f6fa984db0a0c3d628870,2025-06-12T16:06:39.330000
CVE-2025-33057,0,0,11ff4440f3c257c10f8c6be80309710d9a3f21cff0821fca2b3b0f05085ccc24,2025-06-12T16:06:39.330000
@ -293526,9 +293526,9 @@ CVE-2025-33104,0,0,ce493789d7031f1aa7fdbd052662901a982b8a28c0736ec1b9c5ee4d95c43
CVE-2025-33108,0,0,b7b17c481e7854d216c686e2c0555f5e8a47dc8a03346b2246cc2ef576fb64be,2025-06-16T12:32:18.840000
CVE-2025-3311,0,0,e74d5ecfc9cc851d8a2375e0e95746ca34d32a4ae1bff25c4184cdeb743a156f,2025-05-28T21:08:38.403000
CVE-2025-33112,0,0,fbe29f1f149f7078871a044a5ed14a43938b4d758348625746eeccccfd89d3ab,2025-06-12T16:06:39.330000
CVE-2025-33117,1,1,6381d5ef06dd8a86097ae28f66be539ff55aa6454b8d2e6ea6715c77e6dbc398,2025-06-19T18:15:21.280000
CVE-2025-33117,0,0,6381d5ef06dd8a86097ae28f66be539ff55aa6454b8d2e6ea6715c77e6dbc398,2025-06-19T18:15:21.280000
CVE-2025-3312,0,0,d314cd0e3d98597c32289b5f3f4209f174e16c52e8e6ba2862a75de1162b07d0,2025-05-07T16:45:29.103000
CVE-2025-33121,1,1,ea37e2bc9f083c42de9a0148898937684c9b595369b2614ee849e12943392a29,2025-06-19T18:15:21.470000
CVE-2025-33121,0,0,ea37e2bc9f083c42de9a0148898937684c9b595369b2614ee849e12943392a29,2025-06-19T18:15:21.470000
CVE-2025-33122,0,0,8bf405156970be92dc185289ab40adc88619763aed68fcabb2d93a6d0c25beb5,2025-06-17T20:50:23.507000
CVE-2025-3313,0,0,8c3e746212b0f7e34691b425d570770595ed2ddcf9c85476d8c05485bbf5b80a,2025-05-07T16:45:47.623000
CVE-2025-33136,0,0,27a78f34bfe266c2ec4d98dca65066403e26999ef14696ceea2068909ce50e9f,2025-05-30T01:19:40.167000
@ -293819,7 +293819,7 @@ CVE-2025-36041,0,0,11b57158081d8cfc9ecc1117a15361007f166439f866b0246174b70d871a2
CVE-2025-36048,0,0,e6f234690df459e98fdffc3d930fe01b1620227f2dc074dc3a68e84964809fb0,2025-06-18T16:15:27.080000
CVE-2025-36049,0,0,b0ec4ac35a100650df8ca75266737b4850eb5bbf05b9cd3674b43469bb48859a,2025-06-18T16:15:27.233000
CVE-2025-3605,0,0,9176bdbc7dac7692b3792270d47f63d72180fcbe4f8435ffab86ce86c23fcbca,2025-05-12T17:32:32.760000
CVE-2025-36050,1,1,4c4c201d82f85695a912f9b31574e60d2d8b7c3d916cf9933d855de778ee7756,2025-06-19T18:15:21.630000
CVE-2025-36050,0,0,4c4c201d82f85695a912f9b31574e60d2d8b7c3d916cf9933d855de778ee7756,2025-06-19T18:15:21.630000
CVE-2025-3606,0,0,9e462a995d1e7019ecb96791362c7ba0b1305419ebea53ce8f14b67c14ed347e,2025-04-29T13:52:28.490000
CVE-2025-3607,0,0,00a61937e6c72150e849325aa06a18ed35736c13546aa89382694e35fbdc7236,2025-04-29T13:52:47.470000
CVE-2025-3608,0,0,9a5b2a685e23ed54a5b4d9074656a8f2a2ccacace07a3f4ed149936d1bf208f0,2025-05-21T19:48:33.080000
@ -298716,7 +298716,13 @@ CVE-2025-6267,0,0,abd4330b3858f9e21bdcec6fd248eb70ba09cf96ae2d8c82b03451247b5b4e
CVE-2025-6268,0,0,6fa9140584959e948202f092432ac46aad7bd9559cbc482008db9c6d49de4338,2025-06-19T15:15:20.810000
CVE-2025-6269,0,0,30eec445a7f329623315e17a43279c26cfd7baf4f1b9b7e6b978e627caa57830,2025-06-19T16:15:22.797000
CVE-2025-6270,0,0,f7a2c6fa4812a82383b1679e78a47e55be72cdde4b381f8063bad680538f7f1f,2025-06-19T17:15:27.167000
CVE-2025-6271,1,1,175131d2712686c68c8a7d65dee269e3d6e0135659584021a606bb10f41b1a4c,2025-06-19T18:15:21.823000
CVE-2025-6272,1,1,b4dcfc5a98b11f2c1af47f5b50d0a0420af5077bb3d9f99545b88e16b00960e3,2025-06-19T18:15:22
CVE-2025-6273,1,1,ac346a6033a6b04daa757aab039c71ee690c7e43ad4b9d10c634f16f8aa444e2,2025-06-19T19:15:21.800000
CVE-2025-6274,1,1,87e4e29e8623af62e352199cdf79317f2bd127f8f876aa16d833260d42041a56,2025-06-19T19:15:22.710000
CVE-2025-6271,0,0,175131d2712686c68c8a7d65dee269e3d6e0135659584021a606bb10f41b1a4c,2025-06-19T18:15:21.823000
CVE-2025-6272,0,0,b4dcfc5a98b11f2c1af47f5b50d0a0420af5077bb3d9f99545b88e16b00960e3,2025-06-19T18:15:22
CVE-2025-6273,0,0,ac346a6033a6b04daa757aab039c71ee690c7e43ad4b9d10c634f16f8aa444e2,2025-06-19T19:15:21.800000
CVE-2025-6274,0,0,87e4e29e8623af62e352199cdf79317f2bd127f8f876aa16d833260d42041a56,2025-06-19T19:15:22.710000
CVE-2025-6275,1,1,b4705f4be6130a81e7c1d3ea751433521a42653a67aecb6937640536ffcaa973,2025-06-19T20:15:24.710000
CVE-2025-6276,1,1,b5f6b191ea37a256ffbe436f6185bc3efb5ed108c2446b6f86a278716778dd4e,2025-06-19T20:15:25.467000
CVE-2025-6277,1,1,82d482a43b5d8794df4b13290f1dea6b28005704f472e58348d69b3a3d5e9d30,2025-06-19T21:15:26.837000
CVE-2025-6278,1,1,6c0503d6a1a6822ce3108cefdd5d0e0b53346cb13ee60903263c63428241b9e6,2025-06-19T21:15:27.017000
CVE-2025-6279,1,1,0b0c5c0837af44f576ec09704bc971ba0e93e4f8671e572bf1b27532bd9d24a7,2025-06-19T21:15:27.203000
CVE-2025-6384,1,1,5cdec51953ac45fb27a9189069c1d2dedd736d67cb8696f7a629dd1dd7d1191f,2025-06-19T21:15:27.390000
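Review bot: The CVE-2025-6272 row in the last hunk is carried over with the timestamp `2025-06-19T18:15:22`, which has no fractional seconds, while every other visible row uses six fractional digits and the README hunk lists the same record as `2025-06-19T18:15:22.000`. This looks like a serializer that omits a zero fractional part, though the generator is not visible here. A consumer that parses this column with a fixed format, or compares timestamps as strings to decide which records to re-fetch and re-hash, can reject or mis-order the row. The row should be written with the full fraction, `CVE-2025-6272,0,0,b4dcfc5a98b11f2c1af47f5b50d0a0420af5077bb3d9f99545b88e16b00960e3,2025-06-19T18:15:22.000000`, and the generator should always format timestamps with a fixed number of fractional digits.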
