admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-30 18:21:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-05-10T12:00:22.980827+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-05-10 12:03:59 +00:00
parent 2abcfcaeb9
commit 291c919bb0
4 changed files with 220 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
CVE-2025/CVE-2025-21xx/CVE-2025-2158.json Normal file
View File

@ -0,0 +1,64 @@
{
"id": "CVE-2025-2158",
"sourceIdentifier": "security@wordfence.com",
"published": "2025-05-10T10:15:20.227",
"lastModified": "2025-05-10T10:15:20.227",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WordPress Review Plugin: The Ultimate Solution for Building a Review Website plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.3.5 via the Post custom fields. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where PHP file types can be uploaded and included, or pearcmd is enabled on a server with register_argc_argv also enabled."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security@wordfence.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "security@wordfence.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://plugins.trac.wordpress.org/browser/wp-review/tags/5.3.5/includes/functions.php",
"source": "security@wordfence.com"
},
{
"url": "https://plugins.trac.wordpress.org/browser/wp-review/tags/5.3.5/includes/shortcodes.php",
"source": "security@wordfence.com"
},
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/a058e6bf-109f-4985-8aad-08858553c4c3?source=cve",
"source": "security@wordfence.com"
}
]
}

145
CVE-2025/CVE-2025-44xx/CVE-2025-4498.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-4498",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-05-10T10:15:21.597",
"lastModified": "2025-05-10T10:15:21.597",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in code-projects Simple Bus Reservation System 1.0. Affected is the function a::install of the component Install Bus. The manipulation of the argument bus leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 1.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 4.3,
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.1,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-121"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/zzzxc643/cve/blob/main/Bus%20Management%20System.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.308214",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.308214",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.567108",
"source": "cna@vuldb.com"
}
]
}

13
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-05-10T08:00:19.339312+00:00
2025-05-10T12:00:22.980827+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-05-10T07:15:44.287000+00:00
2025-05-10T10:15:21.597000+00:00
```
### Last Data Feed Release
@ -33,22 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
293364
293366
```
### CVEs added in the last Commit
Recently added CVEs: `2`
- [CVE-2025-2944](CVE-2025/CVE-2025-29xx/CVE-2025-2944.json) (`2025-05-10T06:15:48.760`)
- [CVE-2025-4497](CVE-2025/CVE-2025-44xx/CVE-2025-4497.json) (`2025-05-10T07:15:44.287`)
- [CVE-2025-2158](CVE-2025/CVE-2025-21xx/CVE-2025-2158.json) (`2025-05-10T10:15:20.227`)
- [CVE-2025-4498](CVE-2025/CVE-2025-44xx/CVE-2025-4498.json) (`2025-05-10T10:15:21.597`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `0`
- [CVE-2025-4175](CVE-2025/CVE-2025-41xx/CVE-2025-4175.json) (`2025-05-10T06:15:49.270`)
## Download and Usage

8
_state.csv
View File

@ -284089,6 +284089,7 @@ CVE-2025-21576,0,0,c2b8e2b8719cb6bdda50501fb9618c8a79ca61fdcbd4fca4f43ce23d37bd1
CVE-2025-21577,0,0,47b7b9a3864e360356d88ab870d4583dcc2d93d847827d17bf28ef0516e8857c,2025-04-17T21:33:40.720000
CVE-2025-21578,0,0,b9af84df29a54006ec24acc7fb9c1e39ce1ed05a8d05d33e0c01474db0c61ce0,2025-04-17T21:37:12.170000
CVE-2025-21579,0,0,15e3adec725a604043ec293ac73693aaf2a8df871e13ca1a9364cdb055b19ab9,2025-04-17T21:36:54.177000
CVE-2025-2158,1,1,6f9c9a5fc77d2977bd60107beff84d3fbb794054ca04e65273b0dc461cf95080,2025-05-10T10:15:20.227000
CVE-2025-21580,0,0,434479f6271a6a868eba478567dac5fecafa4cffa8f807d404cea22393e181a8,2025-04-17T21:39:21.173000
CVE-2025-21581,0,0,1e7536482057e8a5e04a26a2106063d2311034c44a1d3317f819334aba0feddb,2025-04-16T21:15:46.413000
CVE-2025-21582,0,0,6b1b04df812aefdc64eb8438f40eac78a8afe656b4fd4ac2f48f20481fbf6850,2025-04-21T19:46:45.210000
@ -289144,7 +289145,7 @@ CVE-2025-29427,0,0,07ee5814d6003bbfc3b892dff3a3b805bdda22bdc2e2b5147b08dff3b1ac0
CVE-2025-29429,0,0,70ed76e22abf856ea286be6fccfd66e6102b6f8a8d8567a46ea60e2a92631a4a,2025-03-25T18:46:50.230000
CVE-2025-29430,0,0,9c1050f2b9fcf4b29fb9e6c2c3c05dd42d239ca5737cbb0e54747be1037b283a,2025-03-25T18:44:43.817000
CVE-2025-29431,0,0,d467a56b9c5c57e54c01aff6a53ffdd59b78e3e6577e8a72af651975cfade5e5,2025-04-02T12:30:59.763000
CVE-2025-2944,1,1,1b7d1a5765bdb663682e637d7f425acbfede7ddd3291415c958b5344a96ac4e7,2025-05-10T06:15:48.760000
CVE-2025-2944,0,0,1b7d1a5765bdb663682e637d7f425acbfede7ddd3291415c958b5344a96ac4e7,2025-05-10T06:15:48.760000
CVE-2025-29446,0,0,21ef60637087f4496ffffebc4fc2b4422bb4fe4c5193bfdb06a1124ed8ed5076,2025-04-23T14:08:13.383000
CVE-2025-29448,0,0,c809603033f0fb03d3c98a9c9674709c11a0b409ef9279a6244b549b96190002,2025-05-08T18:15:42.393000
CVE-2025-29449,0,0,1c63852ecef2dbc2da812fd949e8ff942bebe5c5482e7cbe6370e892fc3d3c55,2025-04-25T16:28:28.240000
@ -292487,7 +292488,7 @@ CVE-2025-4171,0,0,360a008b29d1f9b54691f255e2c37431adbc4d4b98d2603e46497f0abcce59
CVE-2025-4172,0,0,6e2071d797dc74de0774e2626519ab67c844ff2b9fbe49e9ff0e7a7039192f36,2025-05-05T20:54:19.760000
CVE-2025-4173,0,0,bf481ba179fa77abaf7c10c7ea3a4798b4233f22538d3fe01f8beed112e81513,2025-05-02T18:15:27.400000
CVE-2025-4174,0,0,374a4c7153fd6e36d67a39d51e1e6a753f33240eda49b0fa60c0eb795e601fa7,2025-05-09T13:42:33.097000
CVE-2025-4175,0,1,0e49e508397d52b97eca58de7f67fa4365215dc6eedf4faf92e674efc7be9789,2025-05-10T06:15:49.270000
CVE-2025-4175,0,0,0e49e508397d52b97eca58de7f67fa4365215dc6eedf4faf92e674efc7be9789,2025-05-10T06:15:49.270000
CVE-2025-4176,0,0,02ad6ed70196134b94db0e4139435e59de2aaaa51a657ae3a4c51dcac9e3ae92,2025-05-09T13:42:13.533000
CVE-2025-4177,0,0,18882226d44879b1f094083770c0f8395e91f3c42f8d54dee40ba14e25fbf6b1,2025-05-06T15:40:15.200000
CVE-2025-4178,0,0,76bcb08a58d61fbfe8b7461a149543f28e2cc9abaf3497867b46860bbb2f7cd2,2025-05-02T18:15:27.780000
@ -292806,7 +292807,8 @@ CVE-2025-4492,0,0,ebd2b349feddf64484ae89a5766b7e3964f9d6da4c95dcf03362835615cf8f
CVE-2025-4494,0,0,a01de610cccab0377079d6a9c828713c9803cdedfd3ce9c725720975eb13b460,2025-05-09T22:15:18.150000
CVE-2025-4495,0,0,2fb4d52f5fe7f8f67d51f52065dab5eb957a2973a716b3e57dbcbc3eb12c1257,2025-05-10T01:15:51.637000
CVE-2025-4496,0,0,bf91404f2094f542f7d76e9814a5f77b44231132f1697dd15fb6374bf6036752,2025-05-10T05:15:50.610000
CVE-2025-4497,1,1,46f11930ead803f111139e6cc631ab46f1a65269d2714e160a968f4117c2a8e0,2025-05-10T07:15:44.287000
CVE-2025-4497,0,0,46f11930ead803f111139e6cc631ab46f1a65269d2714e160a968f4117c2a8e0,2025-05-10T07:15:44.287000
CVE-2025-4498,1,1,5b832e347148207155c83e2a904628f039f26171e741608111c53382f89113b6,2025-05-10T10:15:21.597000
CVE-2025-45007,0,0,5a942b67af458dcbffcc204143a4774311c59d5ad4885c5c55fb7d9c1ebbeebe,2025-05-09T13:45:28.627000
CVE-2025-45009,0,0,36c5cbb0f37a55a2bcef11b942052fc47923af5c699055a488196b4ed54c3a22,2025-05-09T13:45:16.187000
CVE-2025-45010,0,0,7ccdf81da06d785235383bdb128954b3f824247b7a63466a135a726a0edb5bff,2025-05-09T13:45:09.930000

Can't render this file because it is too large.