Auto-Update: 2025-03-24T13:00:19.913817+00:00

2025-06-19 17:31:42 +00:00 · 2025-03-24 13:03:50 +00:00 · 2025-03-24 13:03:50 +00:00 · 24ada614f2
commit 24ada614f2
parent 0cebfa4b81
7 changed files with 248 additions and 26 deletions
--- a/CVE-2023/CVE-2023-444xx/CVE-2023-44415.json
+++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44415.json
@ -2,8 +2,8 @@
  "id": "CVE-2023-44415",
  "sourceIdentifier": "zdi-disclosures@trendmicro.com",
  "published": "2024-05-03T03:15:55.203",
-  "lastModified": "2024-11-21T08:25:51.420",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-03-24T12:48:35.967",
+  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
@ -16,6 +16,28 @@
    }
  ],
  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+          "baseScore": 8.0,
+          "baseSeverity": "HIGH",
+          "attackVector": "ADJACENT_NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "HIGH",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "HIGH"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 5.9
+      }
+    ],
    "cvssMetricV30": [
      {
        "source": "zdi-disclosures@trendmicro.com",
@ -51,14 +73,76 @@
      ]
    }
  ],
+  "configurations": [
+    {
+      "operator": "AND",
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:dlink:dir-2150_firmware:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "1B122125-0DC1-4B89-948E-7AEDB33152BA"
+            }
+          ]
+        },
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:dlink:dir-2150:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "06F065A1-2599-442C-AB55-DE24D47A7869"
+            }
+          ]
+        }
+      ]
+    },
+    {
+      "operator": "AND",
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:o:dlink:dir-1260_firmware:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "7A09DE31-888D-4EA0-9F5D-2DA555DF9451"
+            }
+          ]
+        },
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": false,
+              "criteria": "cpe:2.3:h:dlink:dir-1260:-:*:*:*:*:*:*:*",
+              "matchCriteriaId": "AF5C311E-DB22-452B-BC26-265E3A84B57C"
+            }
+          ]
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1513/",
-      "source": "zdi-disclosures@trendmicro.com"
+      "source": "zdi-disclosures@trendmicro.com",
+      "tags": [
+        "Third Party Advisory"
+      ]
    },
    {
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1513/",
-      "source": "af854a3a-2127-422b-91ae-364da2661108"
+      "source": "af854a3a-2127-422b-91ae-364da2661108",
+      "tags": [
+        "Third Party Advisory"
+      ]
    }
  ]
 }
--- a/CVE-2024/CVE-2024-43xx/CVE-2024-4362.json
+++ b/CVE-2024/CVE-2024-43xx/CVE-2024-4362.json
@ -2,8 +2,8 @@
  "id": "CVE-2024-4362",
  "sourceIdentifier": "security@wordfence.com",
  "published": "2024-05-22T09:15:12.393",
-  "lastModified": "2024-11-21T09:42:41.970",
-  "vulnStatus": "Undergoing Analysis",
+  "lastModified": "2025-03-24T12:47:20.663",
+  "vulnStatus": "Analyzed",
  "cveTags": [],
  "descriptions": [
    {
@ -36,33 +36,101 @@
        },
        "exploitabilityScore": 3.1,
        "impactScore": 2.7
+      },
+      {
+        "source": "nvd@nist.gov",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
+          "baseScore": 5.4,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 2.7
      }
    ]
  },
+  "weaknesses": [
+    {
+      "source": "nvd@nist.gov",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "configurations": [
+    {
+      "nodes": [
+        {
+          "operator": "OR",
+          "negate": false,
+          "cpeMatch": [
+            {
+              "vulnerable": true,
+              "criteria": "cpe:2.3:a:siteorigin:siteorigin_widgets_bundle:*:*:*:*:*:wordpress:*:*",
+              "versionEndExcluding": "1.58.8",
+              "matchCriteriaId": "F18C8DEA-8D16-4720-A15F-4075C1283CE1"
+            }
+          ]
+        }
+      ]
+    }
+  ],
  "references": [
    {
      "url": "https://plugins.trac.wordpress.org/browser/so-widgets-bundle/trunk/base/inc/shortcode.php#L27",
-      "source": "security@wordfence.com"
+      "source": "security@wordfence.com",
+      "tags": [
+        "Product"
+      ]
    },
    {
      "url": "https://plugins.trac.wordpress.org/changeset/3088997/so-widgets-bundle/trunk/base/inc/shortcode.php",
-      "source": "security@wordfence.com"
+      "source": "security@wordfence.com",
+      "tags": [
+        "Patch"
+      ]
    },
    {
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b7926ec6-3441-4062-93b2-6c2120c9f406?source=cve",
-      "source": "security@wordfence.com"
+      "source": "security@wordfence.com",
+      "tags": [
+        "Third Party Advisory"
+      ]
    },
    {
      "url": "https://plugins.trac.wordpress.org/browser/so-widgets-bundle/trunk/base/inc/shortcode.php#L27",
-      "source": "af854a3a-2127-422b-91ae-364da2661108"
+      "source": "af854a3a-2127-422b-91ae-364da2661108",
+      "tags": [
+        "Product"
+      ]
    },
    {
      "url": "https://plugins.trac.wordpress.org/changeset/3088997/so-widgets-bundle/trunk/base/inc/shortcode.php",
-      "source": "af854a3a-2127-422b-91ae-364da2661108"
+      "source": "af854a3a-2127-422b-91ae-364da2661108",
+      "tags": [
+        "Patch"
+      ]
    },
    {
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b7926ec6-3441-4062-93b2-6c2120c9f406?source=cve",
-      "source": "af854a3a-2127-422b-91ae-364da2661108"
+      "source": "af854a3a-2127-422b-91ae-364da2661108",
+      "tags": [
+        "Third Party Advisory"
+      ]
    }
  ]
 }
--- a/CVE-2025/CVE-2025-04xx/CVE-2025-0478.json
+++ b/CVE-2025/CVE-2025-04xx/CVE-2025-0478.json
@ -0,0 +1,33 @@
+{
+  "id": "CVE-2025-0478",
+  "sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
+  "published": "2025-03-24T12:15:13.227",
+  "lastModified": "2025-03-24T12:15:13.227",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages.\n\nUnder certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform, altering their behaviour."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-280"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/",
+      "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-08xx/CVE-2025-0835.json
+++ b/CVE-2025/CVE-2025-08xx/CVE-2025-0835.json
@ -0,0 +1,33 @@
+{
+  "id": "CVE-2025-0835",
+  "sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
+  "published": "2025-03-24T12:15:13.597",
+  "lastModified": "2025-03-24T12:15:13.597",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory."
+    }
+  ],
+  "metrics": {},
+  "weaknesses": [
+    {
+      "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-416"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/",
+      "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-27xx/CVE-2025-2702.json
+++ b/CVE-2025/CVE-2025-27xx/CVE-2025-2702.json
@ -3,7 +3,7 @@
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2025-03-24T10:15:12.943",
  "lastModified": "2025-03-24T10:15:12.943",
-  "vulnStatus": "Received",
+  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-03-24T11:00:20.025158+00:00
+2025-03-24T13:00:19.913817+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-03-24T10:15:12.943000+00:00
+2025-03-24T12:48:35.967000+00:00
 ```

 ### Last Data Feed Release
@ -33,22 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-286292
+286294
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `2`

- [CVE-2025-2700](CVE-2025/CVE-2025-27xx/CVE-2025-2700.json) (`2025-03-24T09:15:12.930`)
- [CVE-2025-2701](CVE-2025/CVE-2025-27xx/CVE-2025-2701.json) (`2025-03-24T09:15:13.950`)
- [CVE-2025-2702](CVE-2025/CVE-2025-27xx/CVE-2025-2702.json) (`2025-03-24T10:15:12.943`)
+- [CVE-2025-0478](CVE-2025/CVE-2025-04xx/CVE-2025-0478.json) (`2025-03-24T12:15:13.227`)
+- [CVE-2025-0835](CVE-2025/CVE-2025-08xx/CVE-2025-0835.json) (`2025-03-24T12:15:13.597`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `3`

+- [CVE-2023-44415](CVE-2023/CVE-2023-444xx/CVE-2023-44415.json) (`2025-03-24T12:48:35.967`)
+- [CVE-2024-4362](CVE-2024/CVE-2024-43xx/CVE-2024-4362.json) (`2025-03-24T12:47:20.663`)
+- [CVE-2025-2702](CVE-2025/CVE-2025-27xx/CVE-2025-2702.json) (`2025-03-24T10:15:12.943`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -235357,7 +235357,7 @@ CVE-2023-44411,0,0,5b73d7993ecb1e03473311340db5236397f5da42eb4c3c92ec97a1c9fa2db
 CVE-2023-44412,0,0,6216ac153fb55d835f60246bbb50d103769c8d5dc05c43fa99141c8048ca9c0b,2024-11-21T08:25:51.077000
 CVE-2023-44413,0,0,f05f5a2a2ce80d46dbf9af9fcd6d7108fdba7b335628dbc7bcd594742b01d42b,2024-11-21T08:25:51.190000
 CVE-2023-44414,0,0,4863139c39a5e2444afa2bc8a31ae4d79bf72c72c7e5042970d2e09ad2ad38ad,2024-11-21T08:25:51.303000
-CVE-2023-44415,0,0,45efad2428a4ab976879b0ef8ec8942cfb6ec7485b6d91fcfb2aa672d3a0244d,2024-11-21T08:25:51.420000
+CVE-2023-44415,0,1,76624e7442dbefa7d6042a7153b0e4add907db188a8588c7070de83d297cc212,2025-03-24T12:48:35.967000
 CVE-2023-44416,0,0,a8aa52de01d9bab02c5656b5193a650636dc7f0c182948154a8a159d3bab7637,2024-11-21T08:25:51.530000
 CVE-2023-44417,0,0,d604d11eab16579ae507c724601dca6ac0340686b33321707acfebf29618dbd8,2024-11-21T08:25:51.660000
 CVE-2023-44418,0,0,0f609b4f0722e7e7caabfa66af90176247cbc3cf793526b632257273742f8214,2024-11-21T08:25:51.780000
@ -267084,7 +267084,7 @@ CVE-2024-43613,0,0,d7299c559a75859017911328de01e3cf012a0c38c26222986e53798dd88d1
 CVE-2024-43614,0,0,c5d2c4e61e699928a9aa80596895800f4eb921603cf99ac879c7ced052428111,2024-10-21T20:50:38.370000
 CVE-2024-43615,0,0,fa3ae0c75332c4f77e78f0d17ed80118371844c95c489872e0a72219eacc2cf0,2024-10-21T21:00:34.967000
 CVE-2024-43616,0,0,53854d33ac39e3d7883338ceed28a977b17a47e36ed07fb5aef1617d3c509acc,2024-10-21T20:47:00.313000
-CVE-2024-4362,0,0,e9c0fcc54f4df0a33f76861faec7f998c34c51a7751c7876a47f00a2ecc5e895,2024-11-21T09:42:41.970000
+CVE-2024-4362,0,1,bb774e1e8915d69721ba8e30a59811fec618bd2752bcac57607a0c7eea514be3,2025-03-24T12:47:20.663000
 CVE-2024-43620,0,0,8e0c2a1210cc0c4b2cb1627c80802cd8cf1eb8d1337fe83c819d52cdc6ca964e,2024-11-15T23:59:51.167000
 CVE-2024-43621,0,0,0abee03416290603675a89e86634b63819c275cad6799db8e43c2e3aac84cbd0,2024-11-15T23:59:21.473000
 CVE-2024-43622,0,0,ad575e18f1ef382f66d7c1290041cf669cb5b64261107c3aa70fa11f73f5952f,2024-11-15T23:58:33.873000
@ -281088,6 +281088,7 @@ CVE-2025-0474,0,0,82177afd4a03f9b6718aa062961dc28425e1582c17c2ed083ad764687f417f
 CVE-2025-0475,0,0,01db7095a6c7830189d7083ba5dadbe174587f0c8cb8ad9a02bc26d9e4bd7967,2025-03-07T12:32:57.013000
 CVE-2025-0476,0,0,fac19eeb41e69ef9b9ba32b4e73c5aedd599dc2dafbcc6b1f4512a698dd08737,2025-01-16T00:15:25.217000
 CVE-2025-0477,0,0,1d2c7ee2848c276d12d41f37ad7b73e6dd2826f71da2d7cb5a1d643051eaef77,2025-01-30T18:15:31.893000
+CVE-2025-0478,1,1,1f4aabb5650e840e976a0e313b3626192adad7446920b7354d6764e048c7ee47,2025-03-24T12:15:13.227000
 CVE-2025-0479,0,0,2519d0225470d49a1589a61611ed9a2d77344f18032b639d511518af5dfff43b,2025-01-20T12:15:23.563000
 CVE-2025-0480,0,0,b6ff79c1b0c358f30039b6ee5968981830198ea21cc11109addc04c2235b3def,2025-01-15T18:15:24.457000
 CVE-2025-0481,0,0,597e987c2ef3e0bab5375b6813524f432662b75635bb0bca60f6ceb98848e55a,2025-01-15T19:15:26.807000
@ -281341,6 +281342,7 @@ CVE-2025-0830,0,0,9a09f6cd59297de14c786b57843ccc6a6834be44206053ad44f69a7724007e
 CVE-2025-0832,0,0,413ae4e1569d5017dacdb94a87d43e27e5c58e09507a3074d3fd9a0a6056474e,2025-03-17T14:15:21.500000
 CVE-2025-0833,0,0,de268e8dd407a9161c80ed220626dd50e5de552fd702f4d269ab27d3c6ec8cda,2025-03-17T14:15:21.693000
 CVE-2025-0834,0,0,239a6f08c2db88ce57ab64c699932d200eff33712703b8a8f00d02b01207348f,2025-01-30T09:15:09.703000
+CVE-2025-0835,1,1,33166d94fc6ead944ec90f4453732b3faabecaa5a443995c5ba4a2e56fbdf2f3,2025-03-24T12:15:13.597000
 CVE-2025-0837,0,0,edb903a525c34e5db3f70de24ac0ad9bb2158867f6a7f92ca61239987715eef7,2025-02-24T17:08:29.033000
 CVE-2025-0838,0,0,5a9fc4e1768f097f2fc50c995427721cfd5a7a3b77299bdbe2955b9299abd536,2025-02-21T15:15:11.890000
 CVE-2025-0840,0,0,ad52784c9689f7e5a12133bf5b8e57840dc23d31e5e9f25f1808977a060838b2,2025-03-04T15:08:47.770000
@ -285741,15 +285743,15 @@ CVE-2025-26993,0,0,25d916d390de90b80a1e84bf0243f302c32b655919eea97f6f91c9f96aa38
 CVE-2025-26994,0,0,03494b736a3ca693fdaefc610166ca8a10d800440713e480c6b170f7815e45d0,2025-03-07T20:37:45.723000
 CVE-2025-26995,0,0,9f9fd1cf4c78a39e37c563908ec2c351a2e202019a39ae0f35b6be53c49be04b,2025-02-25T15:15:31.720000
 CVE-2025-26999,0,0,cdacabf1a660ac6dee9a5685fa630f6b1572dbc44af9dd2498823746cb2cfe2c,2025-03-03T14:15:57.830000
-CVE-2025-2700,1,1,3daf5ed4fac8d37a1e60950fb16b13e9cc8b939319e7b27e293d6f7c92602bc9,2025-03-24T09:15:12.930000
+CVE-2025-2700,0,0,3daf5ed4fac8d37a1e60950fb16b13e9cc8b939319e7b27e293d6f7c92602bc9,2025-03-24T09:15:12.930000
 CVE-2025-27000,0,0,1ac554f083699af2e8a7ca7e5b9fee0cf63423d6e7b9eac2cf80407f8bbcfb4d,2025-02-25T15:15:31.853000
-CVE-2025-2701,1,1,f52af690ae241a70e2d868aa2a2c224f9b58c7f9bca32767e7f0be53336d72b3,2025-03-24T09:15:13.950000
+CVE-2025-2701,0,0,f52af690ae241a70e2d868aa2a2c224f9b58c7f9bca32767e7f0be53336d72b3,2025-03-24T09:15:13.950000
 CVE-2025-27012,0,0,3a1893682864e642f849034c4092180dc7a4b18b7a6ad2f7375bac0e9841b34a,2025-02-22T16:15:32.497000
 CVE-2025-27013,0,0,9b9378b18f13319340e1f24d5072a99db201f1036e2a63d2b47d9e89c2a36e2e,2025-02-18T20:15:33.880000
 CVE-2025-27016,0,0,f2c7dbbbe198c036189ea7e0294285906759c96b4b4fc3925b1ca597f8d458ee,2025-02-18T20:15:34.013000
 CVE-2025-27017,0,0,487799b83e349646c0969a6714868b1c6a1e0d2f10d5e6737c1115cacdd0bce5,2025-03-12T17:15:50.327000
 CVE-2025-27018,0,0,c8f7642fbc1b46f7dd7b5a5853f4ce39af708a7b7c634c6a32cfcce2c8047a30,2025-03-19T19:15:47.170000
-CVE-2025-2702,1,1,f10b5877bd8a1ffb935498bbe568a491c400bbb64df68a2cd89f2a8fa1f6eb87,2025-03-24T10:15:12.943000
+CVE-2025-2702,0,1,df0262a5fd2d1f68476b97b0668292b58d225a530ead46671532bfafd32c27b5,2025-03-24T10:15:12.943000
 CVE-2025-27080,0,0,42e0a7d70009a70996fc58eb7f4ee4c8d798d6b5d13faea5a93ec59abf435a8f,2025-03-18T20:15:26.300000
 CVE-2025-27088,0,0,fbdc36eed3cad3a0ad2022cbe7aca458560a9c5f707fbc00203d874cefc235d6,2025-02-21T22:15:13.673000
 CVE-2025-27089,0,0,4c46df8a0eff7d16a653158eecc2014910418a0d0440d1d2334e56d23f56f25a,2025-02-27T20:31:27.267000