admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-05-30T20:00:20.309111+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-05-30 20:03:54 +00:00
parent 6ce2b39e2d
commit 2185555683
31 changed files with 1811 additions and 448 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
CVE-2019/CVE-2019-50xx/CVE-2019-5094.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2019-5094",
"sourceIdentifier": "talos-cna@cisco.com",
"published": "2019-09-24T22:15:13.247",
"lastModified": "2024-11-21T04:44:20.523",
"lastModified": "2025-05-30T19:15:24.713",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -19,7 +19,7 @@
"cvssMetricV31": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
@ -39,7 +39,27 @@
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
@ -87,7 +107,7 @@
"weaknesses": [
{
"source": "talos-cna@cisco.com",
"type": "Secondary",
"type": "Primary",
"description": [
{
"lang": "en",
@ -97,7 +117,17 @@
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",

32
CVE-2021/CVE-2021-386xx/CVE-2021-38604.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2021-38604",
"sourceIdentifier": "cve@mitre.org",
"published": "2021-08-12T16:15:10.600",
"lastModified": "2024-11-21T06:17:40.220",
"lastModified": "2025-05-30T19:15:26.503",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-476"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-267xx/CVE-2022-26765.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26765",
"sourceIdentifier": "product-security@apple.com",
"published": "2022-05-26T20:15:09.643",
"lastModified": "2024-11-21T06:54:27.570",
"lastModified": "2025-05-30T19:15:27.413",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-362"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-267xx/CVE-2022-26766.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26766",
"sourceIdentifier": "product-security@apple.com",
"published": "2022-05-26T20:15:09.690",
"lastModified": "2024-11-21T06:54:27.713",
"lastModified": "2025-05-30T19:15:27.603",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-295"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-267xx/CVE-2022-26767.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26767",
"sourceIdentifier": "product-security@apple.com",
"published": "2022-05-26T20:15:09.737",
"lastModified": "2024-11-21T06:54:27.880",
"lastModified": "2025-05-30T19:15:27.813",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-863"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-863"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-267xx/CVE-2022-26768.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26768",
"sourceIdentifier": "product-security@apple.com",
"published": "2022-05-26T20:15:09.783",
"lastModified": "2024-11-21T06:54:28.010",
"lastModified": "2025-05-30T19:15:27.993",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-267xx/CVE-2022-26769.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26769",
"sourceIdentifier": "product-security@apple.com",
"published": "2022-05-26T20:15:09.833",
"lastModified": "2024-11-21T06:54:28.143",
"lastModified": "2025-05-30T19:15:28.190",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-787"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
],
"configurations": [

32
CVE-2022/CVE-2022-267xx/CVE-2022-26770.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2022-26770",
"sourceIdentifier": "product-security@apple.com",
"published": "2022-05-26T20:15:09.883",
"lastModified": "2024-11-21T06:54:28.270",
"lastModified": "2025-05-30T19:15:28.373",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
@ -74,6 +94,16 @@
"value": "CWE-125"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
],
"configurations": [

13
CVE-2022/CVE-2022-404xx/CVE-2022-40482.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2022-40482",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-04-25T19:15:10.180",
"lastModified": "2025-02-03T21:15:11.827",
"vulnStatus": "Modified",
"lastModified": "2025-05-30T19:06:45.143",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -88,8 +88,15 @@
"vulnerable": true,
"criteria": "cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:*",
"versionStartIncluding": "8.0.0",
"versionEndExcluding": "8.83.24",
"matchCriteriaId": "193D63BE-9529-4E52-B43C-01468F5D3532"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndExcluding": "9.32.0",
"matchCriteriaId": "E4552441-3DC8-4890-B731-4F34868C15C8"
"matchCriteriaId": "84C74FC1-EA1E-4972-8811-0194DB878816"
}
]
}

78
CVE-2023/CVE-2023-262xx/CVE-2023-26226.json Normal file
View File

@ -0,0 +1,78 @@
{
"id": "CVE-2023-26226",
"sourceIdentifier": "browser-security@yandex-team.ru",
"published": "2025-05-30T18:15:32.283",
"lastModified": "2025-05-30T18:15:32.283",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A use after free memory corruption issue exists in Yandex Browser for Desktop prior to version 24.4.0.682"
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "browser-security@yandex-team.ru",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "browser-security@yandex-team.ru",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
],
"references": [
{
"url": "https://yandex.com/bugbounty/i/hall-of-fame-browser/",
"source": "browser-security@yandex-team.ru"
}
]
}

12
CVE-2024/CVE-2024-213xx/CVE-2024-21309.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-21309",
"sourceIdentifier": "secure@microsoft.com",
"published": "2024-01-09T18:15:54.500",
"lastModified": "2024-11-21T08:54:04.583",
"vulnStatus": "Modified",
"lastModified": "2025-05-30T19:31:46.547",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -89,8 +89,14 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*",
"versionEndExcluding": "10.0.20348.2227",
"matchCriteriaId": "13224366-AD63-4CAD-85D1-F9599CFE1B14"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:x64:*",
"versionEndExcluding": "10.0.25398.643",
"matchCriteriaId": "3B05B16C-BA18-4C33-8699-0D4D30323305"
"matchCriteriaId": "16B6D24C-F4A0-4E08-8A11-CB2564A3B8D0"
}
]
}

32
CVE-2024/CVE-2024-225xx/CVE-2024-22569.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-22569",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-31T02:15:54.467",
"lastModified": "2024-11-21T08:56:27.863",
"lastModified": "2025-05-30T19:15:29.023",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-79"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [

32
CVE-2024/CVE-2024-243xx/CVE-2024-24332.json
View File

@ -2,7 +2,7 @@
"id": "CVE-2024-24332",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-01-30T15:15:09.693",
"lastModified": "2024-11-21T08:59:11.677",
"lastModified": "2025-05-30T19:15:29.330",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
@ -36,6 +36,26 @@
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
]
},
@ -49,6 +69,16 @@
"value": "CWE-78"
}
]
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-78"
}
]
}
],
"configurations": [

22
CVE-2024/CVE-2024-386xx/CVE-2024-38664.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38664",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-24T14:15:12.707",
"lastModified": "2024-11-21T09:26:35.220",
"vulnStatus": "Modified",
"lastModified": "2025-05-30T19:30:07.877",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,27 +61,21 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2",
"matchCriteriaId": "108695B6-7133-4B6C-80AF-0F66880FE858"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.33",
"matchCriteriaId": "53BC60D9-65A5-4D8F-96C8-149F09214DBD"
"matchCriteriaId": "FCE796DF-3B50-4DC6-BAE5-95271068FC9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.4",
"matchCriteriaId": "A500F935-F0ED-4DC7-AD02-9D7C365D13AE"
"matchCriteriaId": "991B9791-966A-4D18-9E8D-A8AB128E5627"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A"
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA"
}
]
}

32
CVE-2024/CVE-2024-386xx/CVE-2024-38667.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-38667",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-24T14:15:12.790",
"lastModified": "2024-11-21T09:26:35.473",
"vulnStatus": "Modified",
"lastModified": "2025-05-30T19:30:24.697",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,34 +61,28 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.7",
"matchCriteriaId": "C3821E00-CCBB-4CD4-AD2C-D47DFF2F5A34"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1",
"versionStartIncluding": "5.7",
"versionEndExcluding": "6.1.93",
"matchCriteriaId": "7446FC33-DC4F-4D31-94B5-FB577CFA66F4"
"matchCriteriaId": "6A668619-08B8-4929-B342-D58CF8F9CA15"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.33",
"matchCriteriaId": "53BC60D9-65A5-4D8F-96C8-149F09214DBD"
"matchCriteriaId": "FCE796DF-3B50-4DC6-BAE5-95271068FC9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.4",
"matchCriteriaId": "A500F935-F0ED-4DC7-AD02-9D7C365D13AE"
"matchCriteriaId": "991B9791-966A-4D18-9E8D-A8AB128E5627"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A"
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA"
}
]
}
@ -108,7 +102,6 @@
"url": "https://git.kernel.org/stable/c/3090c06d50eaa91317f84bf3eac4c265e6cb8d44",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -116,7 +109,6 @@
"url": "https://git.kernel.org/stable/c/a638b0461b58aa3205cd9d5f14d6f703d795b4af",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -124,7 +116,6 @@
"url": "https://git.kernel.org/stable/c/ea22d4195cca13d5fdbc4d6555a2dfb8a7867a9e",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -140,7 +131,6 @@
"url": "https://git.kernel.org/stable/c/3090c06d50eaa91317f84bf3eac4c265e6cb8d44",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
@ -148,7 +138,6 @@
"url": "https://git.kernel.org/stable/c/a638b0461b58aa3205cd9d5f14d6f703d795b4af",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
@ -156,7 +145,6 @@
"url": "https://git.kernel.org/stable/c/ea22d4195cca13d5fdbc4d6555a2dfb8a7867a9e",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
}

38
CVE-2024/CVE-2024-392xx/CVE-2024-39277.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39277",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-21T12:15:11.330",
"lastModified": "2024-11-21T09:27:23.317",
"vulnStatus": "Modified",
"lastModified": "2025-05-30T19:30:44.757",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -91,41 +91,35 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.11",
"matchCriteriaId": "89EC14A5-9B15-472C-A870-D93968B329AD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.15",
"versionStartIncluding": "5.11",
"versionEndExcluding": "5.15.161",
"matchCriteriaId": "E2AB5A01-EFFD-4A24-8CCB-4A016C8C4BB3"
"matchCriteriaId": "31130639-53FE-4726-8986-434EE2528CB2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.1",
"versionStartIncluding": "5.16",
"versionEndExcluding": "6.1.93",
"matchCriteriaId": "7446FC33-DC4F-4D31-94B5-FB577CFA66F4"
"matchCriteriaId": "EEFB78EE-F990-4197-BF1C-156760A55667"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.33",
"matchCriteriaId": "53BC60D9-65A5-4D8F-96C8-149F09214DBD"
"matchCriteriaId": "FCE796DF-3B50-4DC6-BAE5-95271068FC9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.4",
"matchCriteriaId": "A500F935-F0ED-4DC7-AD02-9D7C365D13AE"
"matchCriteriaId": "991B9791-966A-4D18-9E8D-A8AB128E5627"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A"
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA"
}
]
}
@ -145,7 +139,6 @@
"url": "https://git.kernel.org/stable/c/5a91116b003175302f2e6ad94b76fb9b5a141a41",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -153,7 +146,6 @@
"url": "https://git.kernel.org/stable/c/8e1ba9df9a35e8dc64f657a64e523c79ba01e464",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -161,7 +153,6 @@
"url": "https://git.kernel.org/stable/c/b41b0018e8ca06e985e87220a618ec633988fd13",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -169,7 +160,6 @@
"url": "https://git.kernel.org/stable/c/e64746e74f717961250a155e14c156616fcd981f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -185,7 +175,6 @@
"url": "https://git.kernel.org/stable/c/5a91116b003175302f2e6ad94b76fb9b5a141a41",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
@ -193,7 +182,6 @@
"url": "https://git.kernel.org/stable/c/8e1ba9df9a35e8dc64f657a64e523c79ba01e464",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
@ -201,7 +189,6 @@
"url": "https://git.kernel.org/stable/c/b41b0018e8ca06e985e87220a618ec633988fd13",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
@ -209,7 +196,6 @@
"url": "https://git.kernel.org/stable/c/e64746e74f717961250a155e14c156616fcd981f",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
}

28
CVE-2024/CVE-2024-392xx/CVE-2024-39291.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39291",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-06-24T14:15:12.863",
"lastModified": "2024-11-21T09:27:24.090",
"vulnStatus": "Modified",
"lastModified": "2025-05-30T19:31:00.777",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -61,27 +61,21 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.5",
"matchCriteriaId": "98C491C7-598A-4D36-BA4F-3505A5727ED1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionStartIncluding": "6.5",
"versionEndExcluding": "6.6.33",
"matchCriteriaId": "53BC60D9-65A5-4D8F-96C8-149F09214DBD"
"matchCriteriaId": "3781A223-DB26-4813-92E3-3EF7B545A0E8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.4",
"matchCriteriaId": "A500F935-F0ED-4DC7-AD02-9D7C365D13AE"
"matchCriteriaId": "991B9791-966A-4D18-9E8D-A8AB128E5627"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "C40DD2D9-90E3-4E95-9F1A-E7C680F11F2A"
"criteria": "cpe:2.3:o:linux:linux_kernel:6.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "2EBB4392-5FA6-4DA9-9772-8F9C750109FA"
}
]
}
@ -93,7 +87,6 @@
"url": "https://git.kernel.org/stable/c/19bd9537b6bc1c882df25206c15917214d8e9460",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -101,7 +94,6 @@
"url": "https://git.kernel.org/stable/c/acce6479e30f73ab0872e93a75aed1fb791d04ec",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -109,7 +101,6 @@
"url": "https://git.kernel.org/stable/c/f1b6a016dfa45cedc080d36fa5d6f22237d80e8b",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -117,7 +108,6 @@
"url": "https://git.kernel.org/stable/c/19bd9537b6bc1c882df25206c15917214d8e9460",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
@ -125,7 +115,6 @@
"url": "https://git.kernel.org/stable/c/acce6479e30f73ab0872e93a75aed1fb791d04ec",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
@ -133,7 +122,6 @@
"url": "https://git.kernel.org/stable/c/f1b6a016dfa45cedc080d36fa5d6f22237d80e8b",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
}

18
CVE-2024/CVE-2024-394xx/CVE-2024-39479.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-39479",
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"published": "2024-07-05T07:15:10.530",
"lastModified": "2024-11-21T09:27:45.307",
"vulnStatus": "Modified",
"lastModified": "2025-05-30T19:31:18.470",
"vulnStatus": "Analyzed",
"cveTags": [],
"descriptions": [
{
@ -91,16 +91,16 @@
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.6",
"versionStartIncluding": "6.2",
"versionEndExcluding": "6.6.34",
"matchCriteriaId": "AC0C6E24-8240-425A-BD1A-F78E6D3A67FC"
"matchCriteriaId": "6BD9DCFD-0342-4039-B8CE-70F26DB7173B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "6.9",
"versionStartIncluding": "6.7",
"versionEndExcluding": "6.9.5",
"matchCriteriaId": "54EDFD02-25E6-4BC8-9AD0-0A59881F400A"
"matchCriteriaId": "8366481F-770F-4850-9D0F-2977BD97D5C5"
}
]
}
@ -112,7 +112,6 @@
"url": "https://git.kernel.org/stable/c/5bc9de065b8bb9b8dd8799ecb4592d0403b54281",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -120,7 +119,6 @@
"url": "https://git.kernel.org/stable/c/ce5a22d22db691d14516c3b8fdbf69139eb2ea8f",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -128,7 +126,6 @@
"url": "https://git.kernel.org/stable/c/cfa73607eb21a4ce1d6294a2c5733628897b48a2",
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Mailing List",
"Patch"
]
},
@ -136,7 +133,6 @@
"url": "https://git.kernel.org/stable/c/5bc9de065b8bb9b8dd8799ecb4592d0403b54281",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
@ -144,7 +140,6 @@
"url": "https://git.kernel.org/stable/c/ce5a22d22db691d14516c3b8fdbf69139eb2ea8f",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
},
@ -152,7 +147,6 @@
"url": "https://git.kernel.org/stable/c/cfa73607eb21a4ce1d6294a2c5733628897b48a2",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
]
}

86
CVE-2025/CVE-2025-488xx/CVE-2025-48883.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2025-48883",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-05-30T19:15:29.540",
"lastModified": "2025-05-30T19:15:29.540",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Chrome PHP allows users to start playing with chrome/chromium in headless mode from PHP. Prior to version 1.14.0, CSS Selector expressions are not properly encoded, which can lead to XSS (cross-site scripting) vulnerabilities. This is patched in v1.14.0. As a workaround, users can apply encoding manually to their selectors if they are unable to upgrade."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/chrome-php/chrome/commit/34b2b8d1691f4e3940b1e1e95d388fffe81169c8",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/chrome-php/chrome/pull/691",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/chrome-php/chrome/security/advisories/GHSA-3432-fmrf-7vmh",
"source": "security-advisories@github.com"
}
]
}

82
CVE-2025/CVE-2025-488xx/CVE-2025-48885.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-48885",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-05-30T19:15:29.723",
"lastModified": "2025-05-30T19:15:29.723",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "application-urlshortener create shortened URLs for XWiki pages. Versions prior to 1.2.4 are vulnerable to users with view access being able to create arbitrary pages. Any user (even guests) can create these docs, even if they don't exist already. This can enable guest users to denature the structure of wiki pages, by creating 1000's of pages with random name, that then become very difficult to handle by admins. Version 1.2.4 fixes the issue. No known workarounds are available."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "PROOF_OF_CONCEPT",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-352"
}
]
}
],
"references": [
{
"url": "https://github.com/xwikisas/application-urlshortener/commit/f121a9c973fd25948e82efcb6289d53fe00a9e7d",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/xwikisas/application-urlshortener/security/advisories/GHSA-c57g-9v2r-w8v3",
"source": "security-advisories@github.com"
}
]
}

68
CVE-2025/CVE-2025-488xx/CVE-2025-48887.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2025-48887",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-05-30T18:15:32.500",
"lastModified": "2025-05-30T18:15:32.500",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vLLM, an inference and serving engine for large language models (LLMs), has a Regular Expression Denial of Service (ReDoS) vulnerability in the file `vllm/entrypoints/openai/tool_parsers/pythonic_tool_parser.py` of versions 0.6.4 up to but excluding 0.9.0. The root cause is the use of a highly complex and nested regular expression for tool call detection, which can be exploited by an attacker to cause severe performance degradation or make the service unavailable. The pattern contains multiple nested quantifiers, optional groups, and inner repetitions which make it vulnerable to catastrophic backtracking. Version 0.9.0 contains a patch for the issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-1333"
}
]
}
],
"references": [
{
"url": "https://github.com/vllm-project/vllm/commit/4fc1bf813ad80172c1db31264beaef7d93fe0601",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vllm-project/vllm/pull/18454",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-w6q7-j642-7c25",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-w6q7-j642-7c25",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

86
CVE-2025/CVE-2025-489xx/CVE-2025-48938.json Normal file
View File

@ -0,0 +1,86 @@
{
"id": "CVE-2025-48938",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-05-30T19:15:29.980",
"lastModified": "2025-05-30T19:15:29.980",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "go-gh is a collection of Go modules to make authoring GitHub CLI extensions easier. A security vulnerability has been identified in versions prior to 2.12.1 where an attacker-controlled GitHub Enterprise Server could result in executing arbitrary commands on a user's machine by replacing HTTP URLs provided by GitHub with local file paths for browsing. In `2.12.1`, `Browser.Browse()` has been enhanced to allow and disallow a variety of scenarios to avoid opening or executing files on the filesystem without unduly impacting HTTP URLs. No known workarounds are available other than upgrading."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 2.6,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"subAvailabilityImpact": "HIGH",
"exploitMaturity": "UNREPORTED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-501"
}
]
}
],
"references": [
{
"url": "https://github.com/cli/go-gh/blob/61bf393cf4aeea6d00a6251390f5f67f5b67e727/pkg/browser/browser.go",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cli/go-gh/commit/a08820a13f257d6c5b4cb86d37db559ec6d14577",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/cli/go-gh/security/advisories/GHSA-g9f5-x53j-h563",
"source": "security-advisories@github.com"
}
]
}

68
CVE-2025/CVE-2025-489xx/CVE-2025-48942.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2025-48942",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-05-30T19:15:30.130",
"lastModified": "2025-05-30T19:15:30.130",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vLLM is an inference and serving engine for large language models (LLMs). In versions 0.8.0 up to but excluding 0.9.0, hitting the /v1/completions API with a invalid json_schema as a Guided Param kills the vllm server. This vulnerability is similar GHSA-9hcf-v7m4-6m2j/CVE-2025-48943, but for regex instead of a JSON schema. Version 0.9.0 fixes the issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-248"
}
]
}
],
"references": [
{
"url": "https://github.com/vllm-project/vllm/commit/08bf7840780980c7568c573c70a6a8db94fd45ff",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vllm-project/vllm/issues/17248",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vllm-project/vllm/pull/17623",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-6qc9-v4r8-22xg",
"source": "security-advisories@github.com"
}
]
}

68
CVE-2025/CVE-2025-489xx/CVE-2025-48943.json Normal file
View File

@ -0,0 +1,68 @@
{
"id": "CVE-2025-48943",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-05-30T19:15:30.280",
"lastModified": "2025-05-30T19:15:30.280",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vLLM is an inference and serving engine for large language models (LLMs). Version 0.8.0 up to but excluding 0.9.0 have a Denial of Service (ReDoS) that causes the vLLM server to crash if an invalid regex was provided while using structured output. This vulnerability is similar to GHSA-6qc9-v4r8-22xg/CVE-2025-48942, but for regex instead of a JSON schema. Version 0.9.0 fixes the issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-248"
}
]
}
],
"references": [
{
"url": "https://github.com/vllm-project/vllm/commit/08bf7840780980c7568c573c70a6a8db94fd45ff",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vllm-project/vllm/issues/17313",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vllm-project/vllm/pull/17623",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-9hcf-v7m4-6m2j",
"source": "security-advisories@github.com"
}
]
}

60
CVE-2025/CVE-2025-489xx/CVE-2025-48944.json Normal file
View File

@ -0,0 +1,60 @@
{
"id": "CVE-2025-48944",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-05-30T19:15:30.433",
"lastModified": "2025-05-30T19:15:30.433",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vLLM is an inference and serving engine for large language models (LLMs). In version 0.8.0 up to but excluding 0.9.0, the vLLM backend used with the /v1/chat/completions OpenAPI endpoint fails to validate unexpected or malformed input in the \"pattern\" and \"type\" fields when the tools functionality is invoked. These inputs are not validated before being compiled or parsed, causing a crash of the inference worker with a single request. The worker will remain down until it is restarted. Version 0.9.0 fixes the issue."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
],
"references": [
{
"url": "https://github.com/vllm-project/vllm/pull/17623",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/vllm-project/vllm/security/advisories/GHSA-vrq3-r879-7m65",
"source": "security-advisories@github.com"
}
]
}

64
CVE-2025/CVE-2025-50xx/CVE-2025-5054.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-5054",
"sourceIdentifier": "security@ubuntu.com",
"published": "2025-05-30T18:15:32.670",
"lastModified": "2025-05-30T18:15:32.670",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces.\n\n\n\n\nWhen handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.0,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@ubuntu.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
],
"references": [
{
"url": "https://ubuntu.com/security/CVE-2025-5054",
"source": "security@ubuntu.com"
},
{
"url": "https://ubuntu.com/security/notices/USN-7545-1",
"source": "security@ubuntu.com"
},
{
"url": "https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt",
"source": "security@ubuntu.com"
}
]
}

145
CVE-2025/CVE-2025-53xx/CVE-2025-5357.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-5357",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-30T18:15:32.847",
"lastModified": "2025-05-30T18:15:32.847",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component PWD Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-120"
}
]
}
],
"references": [
{
"url": "https://fitoxs.com/exploit/exploit-c15b3c9a2d7b1618fc5a30df50e5a13d6275f109f1fba20465d4cdd76ee8772b.txt",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.310651",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.310651",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.585641",
"source": "cna@vuldb.com"
},
{
"url": "https://fitoxs.com/exploit/exploit-c15b3c9a2d7b1618fc5a30df50e5a13d6275f109f1fba20465d4cdd76ee8772b.txt",
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"
}
]
}

141
CVE-2025/CVE-2025-53xx/CVE-2025-5358.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-5358",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-30T18:15:33.040",
"lastModified": "2025-05-30T18:15:33.040",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/ASantsSec/CVE/issues/1",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.310652",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.310652",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.586569",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-53xx/CVE-2025-5359.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-5359",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-30T19:15:30.670",
"lastModified": "2025-05-30T19:15:30.670",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Campcodes Online Hospital Management System 1.0. This affects an unknown part of the file /appointment-history.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/ASantsSec/CVE/issues/7",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.310653",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.310653",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.586590",
"source": "cna@vuldb.com"
},
{
"url": "https://www.campcodes.com/",
"source": "cna@vuldb.com"
}
]
}

71
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-05-30T18:00:19.539432+00:00
2025-05-30T20:00:20.309111+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-05-30T17:15:30.473000+00:00
2025-05-30T19:31:46.547000+00:00
```
### Last Data Feed Release
@ -33,51 +33,48 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
296056
296068
```
### CVEs added in the last Commit
Recently added CVEs: `7`
Recently added CVEs: `12`
- [CVE-2024-13915](CVE-2024/CVE-2024-139xx/CVE-2024-13915.json) (`2025-05-30T16:15:35.953`)
- [CVE-2024-13916](CVE-2024/CVE-2024-139xx/CVE-2024-13916.json) (`2025-05-30T16:15:36.117`)
- [CVE-2024-13917](CVE-2024/CVE-2024-139xx/CVE-2024-13917.json) (`2025-05-30T16:15:36.263`)
- [CVE-2024-23589](CVE-2024/CVE-2024-235xx/CVE-2024-23589.json) (`2025-05-30T16:15:36.427`)
- [CVE-2024-42190](CVE-2024/CVE-2024-421xx/CVE-2024-42190.json) (`2025-05-30T16:15:37.597`)
- [CVE-2024-42191](CVE-2024/CVE-2024-421xx/CVE-2024-42191.json) (`2025-05-30T16:15:37.750`)
- [CVE-2025-5356](CVE-2025/CVE-2025-53xx/CVE-2025-5356.json) (`2025-05-30T17:15:30.473`)
- [CVE-2023-26226](CVE-2023/CVE-2023-262xx/CVE-2023-26226.json) (`2025-05-30T18:15:32.283`)
- [CVE-2025-48883](CVE-2025/CVE-2025-488xx/CVE-2025-48883.json) (`2025-05-30T19:15:29.540`)
- [CVE-2025-48885](CVE-2025/CVE-2025-488xx/CVE-2025-48885.json) (`2025-05-30T19:15:29.723`)
- [CVE-2025-48887](CVE-2025/CVE-2025-488xx/CVE-2025-48887.json) (`2025-05-30T18:15:32.500`)
- [CVE-2025-48938](CVE-2025/CVE-2025-489xx/CVE-2025-48938.json) (`2025-05-30T19:15:29.980`)
- [CVE-2025-48942](CVE-2025/CVE-2025-489xx/CVE-2025-48942.json) (`2025-05-30T19:15:30.130`)
- [CVE-2025-48943](CVE-2025/CVE-2025-489xx/CVE-2025-48943.json) (`2025-05-30T19:15:30.280`)
- [CVE-2025-48944](CVE-2025/CVE-2025-489xx/CVE-2025-48944.json) (`2025-05-30T19:15:30.433`)
- [CVE-2025-5054](CVE-2025/CVE-2025-50xx/CVE-2025-5054.json) (`2025-05-30T18:15:32.670`)
- [CVE-2025-5357](CVE-2025/CVE-2025-53xx/CVE-2025-5357.json) (`2025-05-30T18:15:32.847`)
- [CVE-2025-5358](CVE-2025/CVE-2025-53xx/CVE-2025-5358.json) (`2025-05-30T18:15:33.040`)
- [CVE-2025-5359](CVE-2025/CVE-2025-53xx/CVE-2025-5359.json) (`2025-05-30T19:15:30.670`)
### CVEs modified in the last Commit
Recently modified CVEs: `273`
Recently modified CVEs: `17`
- [CVE-2025-4985](CVE-2025/CVE-2025-49xx/CVE-2025-4985.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-4986](CVE-2025/CVE-2025-49xx/CVE-2025-4986.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-4988](CVE-2025/CVE-2025-49xx/CVE-2025-4988.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-4989](CVE-2025/CVE-2025-49xx/CVE-2025-4989.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-4990](CVE-2025/CVE-2025-49xx/CVE-2025-4990.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-4991](CVE-2025/CVE-2025-49xx/CVE-2025-4991.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-4992](CVE-2025/CVE-2025-49xx/CVE-2025-4992.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5025](CVE-2025/CVE-2025-50xx/CVE-2025-5025.json) (`2025-05-30T17:15:30.200`)
- [CVE-2025-5142](CVE-2025/CVE-2025-51xx/CVE-2025-5142.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5190](CVE-2025/CVE-2025-51xx/CVE-2025-5190.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5235](CVE-2025/CVE-2025-52xx/CVE-2025-5235.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5236](CVE-2025/CVE-2025-52xx/CVE-2025-5236.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5259](CVE-2025/CVE-2025-52xx/CVE-2025-5259.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5307](CVE-2025/CVE-2025-53xx/CVE-2025-5307.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5321](CVE-2025/CVE-2025-53xx/CVE-2025-5321.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5323](CVE-2025/CVE-2025-53xx/CVE-2025-5323.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5324](CVE-2025/CVE-2025-53xx/CVE-2025-5324.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5325](CVE-2025/CVE-2025-53xx/CVE-2025-5325.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5326](CVE-2025/CVE-2025-53xx/CVE-2025-5326.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5327](CVE-2025/CVE-2025-53xx/CVE-2025-5327.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5328](CVE-2025/CVE-2025-53xx/CVE-2025-5328.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5330](CVE-2025/CVE-2025-53xx/CVE-2025-5330.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5331](CVE-2025/CVE-2025-53xx/CVE-2025-5331.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5332](CVE-2025/CVE-2025-53xx/CVE-2025-5332.json) (`2025-05-30T16:31:03.107`)
- [CVE-2025-5334](CVE-2025/CVE-2025-53xx/CVE-2025-5334.json) (`2025-05-30T16:31:03.107`)
- [CVE-2019-5094](CVE-2019/CVE-2019-50xx/CVE-2019-5094.json) (`2025-05-30T19:15:24.713`)
- [CVE-2021-38604](CVE-2021/CVE-2021-386xx/CVE-2021-38604.json) (`2025-05-30T19:15:26.503`)
- [CVE-2022-26765](CVE-2022/CVE-2022-267xx/CVE-2022-26765.json) (`2025-05-30T19:15:27.413`)
- [CVE-2022-26766](CVE-2022/CVE-2022-267xx/CVE-2022-26766.json) (`2025-05-30T19:15:27.603`)
- [CVE-2022-26767](CVE-2022/CVE-2022-267xx/CVE-2022-26767.json) (`2025-05-30T19:15:27.813`)
- [CVE-2022-26768](CVE-2022/CVE-2022-267xx/CVE-2022-26768.json) (`2025-05-30T19:15:27.993`)
- [CVE-2022-26769](CVE-2022/CVE-2022-267xx/CVE-2022-26769.json) (`2025-05-30T19:15:28.190`)
- [CVE-2022-26770](CVE-2022/CVE-2022-267xx/CVE-2022-26770.json) (`2025-05-30T19:15:28.373`)
- [CVE-2022-40482](CVE-2022/CVE-2022-404xx/CVE-2022-40482.json) (`2025-05-30T19:06:45.143`)
- [CVE-2024-21309](CVE-2024/CVE-2024-213xx/CVE-2024-21309.json) (`2025-05-30T19:31:46.547`)
- [CVE-2024-22569](CVE-2024/CVE-2024-225xx/CVE-2024-22569.json) (`2025-05-30T19:15:29.023`)
- [CVE-2024-24332](CVE-2024/CVE-2024-243xx/CVE-2024-24332.json) (`2025-05-30T19:15:29.330`)
- [CVE-2024-38664](CVE-2024/CVE-2024-386xx/CVE-2024-38664.json) (`2025-05-30T19:30:07.877`)
- [CVE-2024-38667](CVE-2024/CVE-2024-386xx/CVE-2024-38667.json) (`2025-05-30T19:30:24.697`)
- [CVE-2024-39277](CVE-2024/CVE-2024-392xx/CVE-2024-39277.json) (`2025-05-30T19:30:44.757`)
- [CVE-2024-39291](CVE-2024/CVE-2024-392xx/CVE-2024-39291.json) (`2025-05-30T19:31:00.777`)
- [CVE-2024-39479](CVE-2024/CVE-2024-394xx/CVE-2024-39479.json) (`2025-05-30T19:31:18.470`)
## Download and Usage

606
_state.csv
View File

File diff suppressed because it is too large Load Diff