diff --git a/CVE-2023/CVE-2023-444xx/CVE-2023-44415.json b/CVE-2023/CVE-2023-444xx/CVE-2023-44415.json index 67842086039..c0b15ec2955 100644 --- a/CVE-2023/CVE-2023-444xx/CVE-2023-44415.json +++ b/CVE-2023/CVE-2023-444xx/CVE-2023-44415.json @@ -2,8 +2,8 @@ "id": "CVE-2023-44415", "sourceIdentifier": "zdi-disclosures@trendmicro.com", "published": "2024-05-03T03:15:55.203", - "lastModified": "2024-11-21T08:25:51.420", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-03-24T12:48:35.967", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -16,6 +16,28 @@ } ], "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 8.0, + "baseSeverity": "HIGH", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.1, + "impactScore": 5.9 + } + ], "cvssMetricV30": [ { "source": "zdi-disclosures@trendmicro.com", @@ -51,14 +73,76 @@ ] } ], + "configurations": [ + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dir-2150_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "1B122125-0DC1-4B89-948E-7AEDB33152BA" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dir-2150:-:*:*:*:*:*:*:*", + "matchCriteriaId": "06F065A1-2599-442C-AB55-DE24D47A7869" + } + ] + } + ] + }, + { + "operator": "AND", + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:dlink:dir-1260_firmware:-:*:*:*:*:*:*:*", + "matchCriteriaId": "7A09DE31-888D-4EA0-9F5D-2DA555DF9451" + } + ] + }, + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": false, + "criteria": "cpe:2.3:h:dlink:dir-1260:-:*:*:*:*:*:*:*", + "matchCriteriaId": "AF5C311E-DB22-452B-BC26-265E3A84B57C" + } + ] + } + ] + } + ], "references": [ { "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1513/", - "source": "zdi-disclosures@trendmicro.com" + "source": "zdi-disclosures@trendmicro.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-1513/", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2024/CVE-2024-43xx/CVE-2024-4362.json b/CVE-2024/CVE-2024-43xx/CVE-2024-4362.json index 9a480cef565..753b9931df8 100644 --- a/CVE-2024/CVE-2024-43xx/CVE-2024-4362.json +++ b/CVE-2024/CVE-2024-43xx/CVE-2024-4362.json @@ -2,8 +2,8 @@ "id": "CVE-2024-4362", "sourceIdentifier": "security@wordfence.com", "published": "2024-05-22T09:15:12.393", - "lastModified": "2024-11-21T09:42:41.970", - "vulnStatus": "Undergoing Analysis", + "lastModified": "2025-03-24T12:47:20.663", + "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [ { @@ -36,33 +36,101 @@ }, "exploitabilityScore": 3.1, "impactScore": 2.7 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.3, + "impactScore": 2.7 } ] }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:siteorigin:siteorigin_widgets_bundle:*:*:*:*:*:wordpress:*:*", + "versionEndExcluding": "1.58.8", + "matchCriteriaId": "F18C8DEA-8D16-4720-A15F-4075C1283CE1" + } + ] + } + ] + } + ], "references": [ { "url": "https://plugins.trac.wordpress.org/browser/so-widgets-bundle/trunk/base/inc/shortcode.php#L27", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3088997/so-widgets-bundle/trunk/base/inc/shortcode.php", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b7926ec6-3441-4062-93b2-6c2120c9f406?source=cve", - "source": "security@wordfence.com" + "source": "security@wordfence.com", + "tags": [ + "Third Party Advisory" + ] }, { "url": "https://plugins.trac.wordpress.org/browser/so-widgets-bundle/trunk/base/inc/shortcode.php#L27", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] }, { "url": "https://plugins.trac.wordpress.org/changeset/3088997/so-widgets-bundle/trunk/base/inc/shortcode.php", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch" + ] }, { "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b7926ec6-3441-4062-93b2-6c2120c9f406?source=cve", - "source": "af854a3a-2127-422b-91ae-364da2661108" + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] } ] } \ No newline at end of file diff --git a/CVE-2025/CVE-2025-04xx/CVE-2025-0478.json b/CVE-2025/CVE-2025-04xx/CVE-2025-0478.json new file mode 100644 index 00000000000..189a23d36c7 --- /dev/null +++ b/CVE-2025/CVE-2025-04xx/CVE-2025-0478.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-0478", + "sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce", + "published": "2025-03-24T12:15:13.227", + "lastModified": "2025-03-24T12:15:13.227", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to issue reads and writes to arbitrary physical memory pages.\n\nUnder certain circumstances this exploit could be used to corrupt data pages not allocated by the GPU driver but memory pages in use by the kernel and drivers running on the platform, altering their behaviour." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-280" + } + ] + } + ], + "references": [ + { + "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", + "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-08xx/CVE-2025-0835.json b/CVE-2025/CVE-2025-08xx/CVE-2025-0835.json new file mode 100644 index 00000000000..02fa8b1637e --- /dev/null +++ b/CVE-2025/CVE-2025-08xx/CVE-2025-0835.json @@ -0,0 +1,33 @@ +{ + "id": "CVE-2025-0835", + "sourceIdentifier": "367425dc-4d06-4041-9650-c2dc6aaa27ce", + "published": "2025-03-24T12:15:13.597", + "lastModified": "2025-03-24T12:15:13.597", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Software installed and run as a non-privileged user may conduct improper GPU system calls to corrupt kernel heap memory." + } + ], + "metrics": {}, + "weaknesses": [ + { + "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-416" + } + ] + } + ], + "references": [ + { + "url": "https://www.imaginationtech.com/gpu-driver-vulnerabilities/", + "source": "367425dc-4d06-4041-9650-c2dc6aaa27ce" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-27xx/CVE-2025-2702.json b/CVE-2025/CVE-2025-27xx/CVE-2025-2702.json index 5145d77a89d..49546fd5a96 100644 --- a/CVE-2025/CVE-2025-27xx/CVE-2025-2702.json +++ b/CVE-2025/CVE-2025-27xx/CVE-2025-2702.json @@ -3,7 +3,7 @@ "sourceIdentifier": "cna@vuldb.com", "published": "2025-03-24T10:15:12.943", "lastModified": "2025-03-24T10:15:12.943", - "vulnStatus": "Received", + "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ { diff --git a/README.md b/README.md index a7cb5d03365..13ec903734c 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-03-24T11:00:20.025158+00:00 +2025-03-24T13:00:19.913817+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-03-24T10:15:12.943000+00:00 +2025-03-24T12:48:35.967000+00:00 ``` ### Last Data Feed Release @@ -33,22 +33,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -286292 +286294 ``` ### CVEs added in the last Commit -Recently added CVEs: `3` +Recently added CVEs: `2` -- [CVE-2025-2700](CVE-2025/CVE-2025-27xx/CVE-2025-2700.json) (`2025-03-24T09:15:12.930`) -- [CVE-2025-2701](CVE-2025/CVE-2025-27xx/CVE-2025-2701.json) (`2025-03-24T09:15:13.950`) -- [CVE-2025-2702](CVE-2025/CVE-2025-27xx/CVE-2025-2702.json) (`2025-03-24T10:15:12.943`) +- [CVE-2025-0478](CVE-2025/CVE-2025-04xx/CVE-2025-0478.json) (`2025-03-24T12:15:13.227`) +- [CVE-2025-0835](CVE-2025/CVE-2025-08xx/CVE-2025-0835.json) (`2025-03-24T12:15:13.597`) ### CVEs modified in the last Commit -Recently modified CVEs: `0` +Recently modified CVEs: `3` +- [CVE-2023-44415](CVE-2023/CVE-2023-444xx/CVE-2023-44415.json) (`2025-03-24T12:48:35.967`) +- [CVE-2024-4362](CVE-2024/CVE-2024-43xx/CVE-2024-4362.json) (`2025-03-24T12:47:20.663`) +- [CVE-2025-2702](CVE-2025/CVE-2025-27xx/CVE-2025-2702.json) (`2025-03-24T10:15:12.943`) ## Download and Usage diff --git a/_state.csv b/_state.csv index dae6cd498f2..ec2ebb2f80b 100644 --- a/_state.csv +++ b/_state.csv @@ -235357,7 +235357,7 @@ CVE-2023-44411,0,0,5b73d7993ecb1e03473311340db5236397f5da42eb4c3c92ec97a1c9fa2db CVE-2023-44412,0,0,6216ac153fb55d835f60246bbb50d103769c8d5dc05c43fa99141c8048ca9c0b,2024-11-21T08:25:51.077000 CVE-2023-44413,0,0,f05f5a2a2ce80d46dbf9af9fcd6d7108fdba7b335628dbc7bcd594742b01d42b,2024-11-21T08:25:51.190000 CVE-2023-44414,0,0,4863139c39a5e2444afa2bc8a31ae4d79bf72c72c7e5042970d2e09ad2ad38ad,2024-11-21T08:25:51.303000 -CVE-2023-44415,0,0,45efad2428a4ab976879b0ef8ec8942cfb6ec7485b6d91fcfb2aa672d3a0244d,2024-11-21T08:25:51.420000 +CVE-2023-44415,0,1,76624e7442dbefa7d6042a7153b0e4add907db188a8588c7070de83d297cc212,2025-03-24T12:48:35.967000 CVE-2023-44416,0,0,a8aa52de01d9bab02c5656b5193a650636dc7f0c182948154a8a159d3bab7637,2024-11-21T08:25:51.530000 CVE-2023-44417,0,0,d604d11eab16579ae507c724601dca6ac0340686b33321707acfebf29618dbd8,2024-11-21T08:25:51.660000 CVE-2023-44418,0,0,0f609b4f0722e7e7caabfa66af90176247cbc3cf793526b632257273742f8214,2024-11-21T08:25:51.780000 @@ -267084,7 +267084,7 @@ CVE-2024-43613,0,0,d7299c559a75859017911328de01e3cf012a0c38c26222986e53798dd88d1 CVE-2024-43614,0,0,c5d2c4e61e699928a9aa80596895800f4eb921603cf99ac879c7ced052428111,2024-10-21T20:50:38.370000 CVE-2024-43615,0,0,fa3ae0c75332c4f77e78f0d17ed80118371844c95c489872e0a72219eacc2cf0,2024-10-21T21:00:34.967000 CVE-2024-43616,0,0,53854d33ac39e3d7883338ceed28a977b17a47e36ed07fb5aef1617d3c509acc,2024-10-21T20:47:00.313000 -CVE-2024-4362,0,0,e9c0fcc54f4df0a33f76861faec7f998c34c51a7751c7876a47f00a2ecc5e895,2024-11-21T09:42:41.970000 +CVE-2024-4362,0,1,bb774e1e8915d69721ba8e30a59811fec618bd2752bcac57607a0c7eea514be3,2025-03-24T12:47:20.663000 CVE-2024-43620,0,0,8e0c2a1210cc0c4b2cb1627c80802cd8cf1eb8d1337fe83c819d52cdc6ca964e,2024-11-15T23:59:51.167000 CVE-2024-43621,0,0,0abee03416290603675a89e86634b63819c275cad6799db8e43c2e3aac84cbd0,2024-11-15T23:59:21.473000 CVE-2024-43622,0,0,ad575e18f1ef382f66d7c1290041cf669cb5b64261107c3aa70fa11f73f5952f,2024-11-15T23:58:33.873000 @@ -281088,6 +281088,7 @@ CVE-2025-0474,0,0,82177afd4a03f9b6718aa062961dc28425e1582c17c2ed083ad764687f417f CVE-2025-0475,0,0,01db7095a6c7830189d7083ba5dadbe174587f0c8cb8ad9a02bc26d9e4bd7967,2025-03-07T12:32:57.013000 CVE-2025-0476,0,0,fac19eeb41e69ef9b9ba32b4e73c5aedd599dc2dafbcc6b1f4512a698dd08737,2025-01-16T00:15:25.217000 CVE-2025-0477,0,0,1d2c7ee2848c276d12d41f37ad7b73e6dd2826f71da2d7cb5a1d643051eaef77,2025-01-30T18:15:31.893000 +CVE-2025-0478,1,1,1f4aabb5650e840e976a0e313b3626192adad7446920b7354d6764e048c7ee47,2025-03-24T12:15:13.227000 CVE-2025-0479,0,0,2519d0225470d49a1589a61611ed9a2d77344f18032b639d511518af5dfff43b,2025-01-20T12:15:23.563000 CVE-2025-0480,0,0,b6ff79c1b0c358f30039b6ee5968981830198ea21cc11109addc04c2235b3def,2025-01-15T18:15:24.457000 CVE-2025-0481,0,0,597e987c2ef3e0bab5375b6813524f432662b75635bb0bca60f6ceb98848e55a,2025-01-15T19:15:26.807000 @@ -281341,6 +281342,7 @@ CVE-2025-0830,0,0,9a09f6cd59297de14c786b57843ccc6a6834be44206053ad44f69a7724007e CVE-2025-0832,0,0,413ae4e1569d5017dacdb94a87d43e27e5c58e09507a3074d3fd9a0a6056474e,2025-03-17T14:15:21.500000 CVE-2025-0833,0,0,de268e8dd407a9161c80ed220626dd50e5de552fd702f4d269ab27d3c6ec8cda,2025-03-17T14:15:21.693000 CVE-2025-0834,0,0,239a6f08c2db88ce57ab64c699932d200eff33712703b8a8f00d02b01207348f,2025-01-30T09:15:09.703000 +CVE-2025-0835,1,1,33166d94fc6ead944ec90f4453732b3faabecaa5a443995c5ba4a2e56fbdf2f3,2025-03-24T12:15:13.597000 CVE-2025-0837,0,0,edb903a525c34e5db3f70de24ac0ad9bb2158867f6a7f92ca61239987715eef7,2025-02-24T17:08:29.033000 CVE-2025-0838,0,0,5a9fc4e1768f097f2fc50c995427721cfd5a7a3b77299bdbe2955b9299abd536,2025-02-21T15:15:11.890000 CVE-2025-0840,0,0,ad52784c9689f7e5a12133bf5b8e57840dc23d31e5e9f25f1808977a060838b2,2025-03-04T15:08:47.770000 @@ -285741,15 +285743,15 @@ CVE-2025-26993,0,0,25d916d390de90b80a1e84bf0243f302c32b655919eea97f6f91c9f96aa38 CVE-2025-26994,0,0,03494b736a3ca693fdaefc610166ca8a10d800440713e480c6b170f7815e45d0,2025-03-07T20:37:45.723000 CVE-2025-26995,0,0,9f9fd1cf4c78a39e37c563908ec2c351a2e202019a39ae0f35b6be53c49be04b,2025-02-25T15:15:31.720000 CVE-2025-26999,0,0,cdacabf1a660ac6dee9a5685fa630f6b1572dbc44af9dd2498823746cb2cfe2c,2025-03-03T14:15:57.830000 -CVE-2025-2700,1,1,3daf5ed4fac8d37a1e60950fb16b13e9cc8b939319e7b27e293d6f7c92602bc9,2025-03-24T09:15:12.930000 +CVE-2025-2700,0,0,3daf5ed4fac8d37a1e60950fb16b13e9cc8b939319e7b27e293d6f7c92602bc9,2025-03-24T09:15:12.930000 CVE-2025-27000,0,0,1ac554f083699af2e8a7ca7e5b9fee0cf63423d6e7b9eac2cf80407f8bbcfb4d,2025-02-25T15:15:31.853000 -CVE-2025-2701,1,1,f52af690ae241a70e2d868aa2a2c224f9b58c7f9bca32767e7f0be53336d72b3,2025-03-24T09:15:13.950000 +CVE-2025-2701,0,0,f52af690ae241a70e2d868aa2a2c224f9b58c7f9bca32767e7f0be53336d72b3,2025-03-24T09:15:13.950000 CVE-2025-27012,0,0,3a1893682864e642f849034c4092180dc7a4b18b7a6ad2f7375bac0e9841b34a,2025-02-22T16:15:32.497000 CVE-2025-27013,0,0,9b9378b18f13319340e1f24d5072a99db201f1036e2a63d2b47d9e89c2a36e2e,2025-02-18T20:15:33.880000 CVE-2025-27016,0,0,f2c7dbbbe198c036189ea7e0294285906759c96b4b4fc3925b1ca597f8d458ee,2025-02-18T20:15:34.013000 CVE-2025-27017,0,0,487799b83e349646c0969a6714868b1c6a1e0d2f10d5e6737c1115cacdd0bce5,2025-03-12T17:15:50.327000 CVE-2025-27018,0,0,c8f7642fbc1b46f7dd7b5a5853f4ce39af708a7b7c634c6a32cfcce2c8047a30,2025-03-19T19:15:47.170000 -CVE-2025-2702,1,1,f10b5877bd8a1ffb935498bbe568a491c400bbb64df68a2cd89f2a8fa1f6eb87,2025-03-24T10:15:12.943000 +CVE-2025-2702,0,1,df0262a5fd2d1f68476b97b0668292b58d225a530ead46671532bfafd32c27b5,2025-03-24T10:15:12.943000 CVE-2025-27080,0,0,42e0a7d70009a70996fc58eb7f4ee4c8d798d6b5d13faea5a93ec59abf435a8f,2025-03-18T20:15:26.300000 CVE-2025-27088,0,0,fbdc36eed3cad3a0ad2022cbe7aca458560a9c5f707fbc00203d874cefc235d6,2025-02-21T22:15:13.673000 CVE-2025-27089,0,0,4c46df8a0eff7d16a653158eecc2014910418a0d0440d1d2334e56d23f56f25a,2025-02-27T20:31:27.267000