diff --git a/CVE-2025/CVE-2025-06xx/CVE-2025-0624.json b/CVE-2025/CVE-2025-06xx/CVE-2025-0624.json index 0cc24dcbfcf..e4ac14e03dc 100644 --- a/CVE-2025/CVE-2025-06xx/CVE-2025-0624.json +++ b/CVE-2025/CVE-2025-06xx/CVE-2025-0624.json @@ -2,7 +2,7 @@ "id": "CVE-2025-0624", "sourceIdentifier": "secalert@redhat.com", "published": "2025-02-19T19:15:15.120", - "lastModified": "2025-03-27T22:15:16.430", + "lastModified": "2025-03-31T04:15:15.547", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [ @@ -88,6 +88,10 @@ "url": "https://access.redhat.com/errata/RHSA-2025:3367", "source": "secalert@redhat.com" }, + { + "url": "https://access.redhat.com/errata/RHSA-2025:3396", + "source": "secalert@redhat.com" + }, { "url": "https://access.redhat.com/security/cve/CVE-2025-0624", "source": "secalert@redhat.com" diff --git a/CVE-2025/CVE-2025-245xx/CVE-2025-24517.json b/CVE-2025/CVE-2025-245xx/CVE-2025-24517.json new file mode 100644 index 00000000000..c80b34d991b --- /dev/null +++ b/CVE-2025/CVE-2025-245xx/CVE-2025-24517.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-24517", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2025-03-31T05:15:15.420", + "lastModified": "2025-03-31T05:15:15.420", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Use of client-side authentication issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, a remote attacker may obtain the product login password without authentication." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-603" + } + ] + } + ], + "references": [ + { + "url": "https://jvn.jp/en/vu/JVNVU91154745/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-084-04", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.inaba.co.jp/files/chocomini_vulnerability.pdf", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.nozominetworks.com/blog/unpatched-vulnerabilities-in-production-line-cameras-may-allow-remote-surveillance-hinder-stoppage-recording", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-248xx/CVE-2025-24852.json b/CVE-2025/CVE-2025-248xx/CVE-2025-24852.json new file mode 100644 index 00000000000..70df593f711 --- /dev/null +++ b/CVE-2025/CVE-2025-248xx/CVE-2025-24852.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-24852", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2025-03-31T05:15:15.620", + "lastModified": "2025-03-31T05:15:15.620", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Storing passwords in a recoverable format issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, an attacker who can access the microSD card used on the product may obtain the product login password." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 4.6, + "baseSeverity": "MEDIUM", + "attackVector": "PHYSICAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 0.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-257" + } + ] + } + ], + "references": [ + { + "url": "https://jvn.jp/en/vu/JVNVU91154745/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-084-04", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.inaba.co.jp/files/chocomini_vulnerability.pdf", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.nozominetworks.com/blog/unpatched-vulnerabilities-in-production-line-cameras-may-allow-remote-surveillance-hinder-stoppage-recording", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-252xx/CVE-2025-25211.json b/CVE-2025/CVE-2025-252xx/CVE-2025-25211.json new file mode 100644 index 00000000000..f39cb7c6c30 --- /dev/null +++ b/CVE-2025/CVE-2025-252xx/CVE-2025-25211.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-25211", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2025-03-31T05:15:15.773", + "lastModified": "2025-03-31T05:15:15.773", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Weak password requirements issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If this issue is exploited, a brute-force attack may allow an attacker unauthorized access and login." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-521" + } + ] + } + ], + "references": [ + { + "url": "https://jvn.jp/en/vu/JVNVU91154745/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-084-04", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.inaba.co.jp/files/chocomini_vulnerability.pdf", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.nozominetworks.com/blog/unpatched-vulnerabilities-in-production-line-cameras-may-allow-remote-surveillance-hinder-stoppage-recording", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-266xx/CVE-2025-26689.json b/CVE-2025/CVE-2025-266xx/CVE-2025-26689.json new file mode 100644 index 00000000000..383d1bc3158 --- /dev/null +++ b/CVE-2025/CVE-2025-266xx/CVE-2025-26689.json @@ -0,0 +1,68 @@ +{ + "id": "CVE-2025-26689", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2025-03-31T05:15:15.933", + "lastModified": "2025-03-31T05:15:15.933", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Direct request ('Forced Browsing') issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all versions. If a remote attacker sends a specially crafted HTTP request to the product, the product data may be obtained or deleted, and/or the product settings may be altered." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-425" + } + ] + } + ], + "references": [ + { + "url": "https://jvn.jp/en/vu/JVNVU91154745/", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-084-04", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.inaba.co.jp/files/chocomini_vulnerability.pdf", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://www.nozominetworks.com/blog/unpatched-vulnerabilities-in-production-line-cameras-may-allow-remote-surveillance-hinder-stoppage-recording", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2974.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2974.json new file mode 100644 index 00000000000..9a467da5212 --- /dev/null +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2974.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-2974", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-03-31T04:15:17.633", + "lastModified": "2025-03-31T04:15:17.633", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in CodeCanyon Perfex CRM up to 3.2.1 and classified as problematic. This vulnerability affects unknown code of the file /contract of the component Contracts. The manipulation of the argument content leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "PASSIVE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://bytium.com/stored-xss-in-perfex-crm-3-2-1-contracts-module/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.302026", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.302026", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.522737", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2975.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2975.json new file mode 100644 index 00000000000..e09c46539fc --- /dev/null +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2975.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-2975", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-03-31T04:15:17.927", + "lastModified": "2025-03-31T04:15:17.927", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in GFI KerioConnect 10.0.6 and classified as problematic. This issue affects some unknown processing of the file Settings/Email/Signature/EditHtmlSource of the component Signature Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "PASSIVE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/0xs1ash/poc/blob/main/xss.md#1-stored-xss", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.302027", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.302027", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.523009", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2976.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2976.json new file mode 100644 index 00000000000..9a24f76fa80 --- /dev/null +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2976.json @@ -0,0 +1,137 @@ +{ + "id": "CVE-2025-2976", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-03-31T05:15:16.090", + "lastModified": "2025-03-31T05:15:16.090", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in GFI KerioConnect 10.0.6. It has been classified as problematic. Affected is an unknown function of the component File Upload. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "PASSIVE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/0xs1ash/poc/blob/main/xss.md#2-when-a-file-with-a-malicious-javascript-code-in-its-name-is-uploaded-to-the-system-it-is-displayed-again-on-the-page-within-the-input-field-without-being-sanitized-this-creates-the-potential-for-an-xss-att", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.302028", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.302028", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-29xx/CVE-2025-2977.json b/CVE-2025/CVE-2025-29xx/CVE-2025-2977.json new file mode 100644 index 00000000000..e8f2e0e48a0 --- /dev/null +++ b/CVE-2025/CVE-2025-29xx/CVE-2025-2977.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2025-2977", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-03-31T05:15:16.310", + "lastModified": "2025-03-31T05:15:16.310", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in GFI KerioConnect 10.0.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component PDF File Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 5.1, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "PASSIVE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 3.5, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "baseScore": 4.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/0xs1ash/poc/blob/main/portable_data_exfiltration.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.302029", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.302029", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.523016", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-30xx/CVE-2025-3011.json b/CVE-2025/CVE-2025-30xx/CVE-2025-3011.json new file mode 100644 index 00000000000..f228191b488 --- /dev/null +++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3011.json @@ -0,0 +1,60 @@ +{ + "id": "CVE-2025-3011", + "sourceIdentifier": "twcert@cert.org.tw", + "published": "2025-03-31T04:15:19.037", + "lastModified": "2025-03-31T04:15:19.037", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "SOOP-CLM from PiExtract has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ] + }, + "weaknesses": [ + { + "source": "twcert@cert.org.tw", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://www.twcert.org.tw/en/cp-139-10049-394bd-2.html", + "source": "twcert@cert.org.tw" + }, + { + "url": "https://www.twcert.org.tw/tw/cp-132-10048-d690c-1.html", + "source": "twcert@cert.org.tw" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-30xx/CVE-2025-3013.json b/CVE-2025/CVE-2025-30xx/CVE-2025-3013.json new file mode 100644 index 00000000000..66b5130572a --- /dev/null +++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3013.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-3013", + "sourceIdentifier": "5ac195ad-69e7-48e7-9c1e-bfc958c39761", + "published": "2025-03-31T04:15:21.297", + "lastModified": "2025-03-31T04:15:21.297", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Insecure Direct Object References (IDOR) in access control in Customer Portal before 2.1.4 on NightWolf\u00a0Penetration Testing\u00a0allows an attacker to access via manipulating request parameters or object references." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "5ac195ad-69e7-48e7-9c1e-bfc958c39761", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "HIGH", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "5ac195ad-69e7-48e7-9c1e-bfc958c39761", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://bug.report.night-wolf.io/changelogs", + "source": "5ac195ad-69e7-48e7-9c1e-bfc958c39761" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-30xx/CVE-2025-3014.json b/CVE-2025/CVE-2025-30xx/CVE-2025-3014.json new file mode 100644 index 00000000000..55591a7b4d0 --- /dev/null +++ b/CVE-2025/CVE-2025-30xx/CVE-2025-3014.json @@ -0,0 +1,78 @@ +{ + "id": "CVE-2025-3014", + "sourceIdentifier": "5ac195ad-69e7-48e7-9c1e-bfc958c39761", + "published": "2025-03-31T04:15:33.730", + "lastModified": "2025-03-31T04:15:33.730", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Insecure Direct Object References (IDOR) in access control in Tracking 2.1.4 on NightWolf Penetration Testing allows an attacker to access via manipulating request parameters or object references." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "5ac195ad-69e7-48e7-9c1e-bfc958c39761", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "HIGH", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "NONE", + "subConfidentialityImpact": "HIGH", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ] + }, + "weaknesses": [ + { + "source": "5ac195ad-69e7-48e7-9c1e-bfc958c39761", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-285" + } + ] + } + ], + "references": [ + { + "url": "https://bug.report.night-wolf.io/changelogs", + "source": "5ac195ad-69e7-48e7-9c1e-bfc958c39761" + } + ] +} \ No newline at end of file diff --git a/CVE-2025/CVE-2025-311xx/CVE-2025-31103.json b/CVE-2025/CVE-2025-311xx/CVE-2025-31103.json new file mode 100644 index 00000000000..d6551cf05ae --- /dev/null +++ b/CVE-2025/CVE-2025-311xx/CVE-2025-31103.json @@ -0,0 +1,64 @@ +{ + "id": "CVE-2025-31103", + "sourceIdentifier": "vultures@jpcert.or.jp", + "published": "2025-03-31T05:15:16.500", + "lastModified": "2025-03-31T05:15:16.500", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Untrusted data deserialization vulnerability exists in a-blog cms. Processing a specially crafted request may store arbitrary files on the server where the product is running. This can be leveraged to execute an arbitrary script on the server." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "vultures@jpcert.or.jp", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-502" + } + ] + } + ], + "references": [ + { + "url": "https://developer.a-blogcms.jp/blog/news/entry-4197.html", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://developer.a-blogcms.jp/blog/news/security-update202503.html", + "source": "vultures@jpcert.or.jp" + }, + { + "url": "https://jvn.jp/en/jp/JVN66982699/", + "source": "vultures@jpcert.or.jp" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index ffed4365a51..b1bf0482cc2 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-03-31T04:00:19.982146+00:00 +2025-03-31T06:00:20.944207+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-03-31T03:15:14.267000+00:00 +2025-03-31T05:15:16.500000+00:00 ``` ### Last Data Feed Release @@ -33,26 +33,32 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -287349 +287361 ``` ### CVEs added in the last Commit -Recently added CVEs: `6` +Recently added CVEs: `12` -- [CVE-2025-1268](CVE-2025/CVE-2025-12xx/CVE-2025-1268.json) (`2025-03-31T02:15:17.097`) -- [CVE-2025-2969](CVE-2025/CVE-2025-29xx/CVE-2025-2969.json) (`2025-03-31T02:15:21.367`) -- [CVE-2025-2970](CVE-2025/CVE-2025-29xx/CVE-2025-2970.json) (`2025-03-31T02:15:21.583`) -- [CVE-2025-2971](CVE-2025/CVE-2025-29xx/CVE-2025-2971.json) (`2025-03-31T02:15:21.767`) -- [CVE-2025-2972](CVE-2025/CVE-2025-29xx/CVE-2025-2972.json) (`2025-03-31T03:15:14.013`) -- [CVE-2025-2973](CVE-2025/CVE-2025-29xx/CVE-2025-2973.json) (`2025-03-31T03:15:14.267`) +- [CVE-2025-24517](CVE-2025/CVE-2025-245xx/CVE-2025-24517.json) (`2025-03-31T05:15:15.420`) +- [CVE-2025-24852](CVE-2025/CVE-2025-248xx/CVE-2025-24852.json) (`2025-03-31T05:15:15.620`) +- [CVE-2025-25211](CVE-2025/CVE-2025-252xx/CVE-2025-25211.json) (`2025-03-31T05:15:15.773`) +- [CVE-2025-26689](CVE-2025/CVE-2025-266xx/CVE-2025-26689.json) (`2025-03-31T05:15:15.933`) +- [CVE-2025-2974](CVE-2025/CVE-2025-29xx/CVE-2025-2974.json) (`2025-03-31T04:15:17.633`) +- [CVE-2025-2975](CVE-2025/CVE-2025-29xx/CVE-2025-2975.json) (`2025-03-31T04:15:17.927`) +- [CVE-2025-2976](CVE-2025/CVE-2025-29xx/CVE-2025-2976.json) (`2025-03-31T05:15:16.090`) +- [CVE-2025-2977](CVE-2025/CVE-2025-29xx/CVE-2025-2977.json) (`2025-03-31T05:15:16.310`) +- [CVE-2025-3011](CVE-2025/CVE-2025-30xx/CVE-2025-3011.json) (`2025-03-31T04:15:19.037`) +- [CVE-2025-3013](CVE-2025/CVE-2025-30xx/CVE-2025-3013.json) (`2025-03-31T04:15:21.297`) +- [CVE-2025-3014](CVE-2025/CVE-2025-30xx/CVE-2025-3014.json) (`2025-03-31T04:15:33.730`) +- [CVE-2025-31103](CVE-2025/CVE-2025-311xx/CVE-2025-31103.json) (`2025-03-31T05:15:16.500`) ### CVEs modified in the last Commit Recently modified CVEs: `1` -- [CVE-2025-24055](CVE-2025/CVE-2025-240xx/CVE-2025-24055.json) (`2025-03-31T02:15:18.163`) +- [CVE-2025-0624](CVE-2025/CVE-2025-06xx/CVE-2025-0624.json) (`2025-03-31T04:15:15.547`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 79c56943a9c..49a312172ab 100644 --- a/_state.csv +++ b/_state.csv @@ -281433,7 +281433,7 @@ CVE-2025-0617,0,0,f628b1ad73170d04122e24ddb3e888ab06e1591d9b8c499515e522c90868af CVE-2025-0619,0,0,d6798daeef3d7924598dddc8037e69d4ae3bc1784ffc6b426878fbbb52aa2ee9,2025-01-23T11:15:10.700000 CVE-2025-0622,0,0,e47fbbd3a3a716f89e6a5dc5e99d39a7414dccef8758c28db6b0464c5f5b2e87,2025-02-18T20:15:23.570000 CVE-2025-0623,0,0,341d910d0f0f4575e107592c92f38288f68e01fe716af21df488a6d82193e481,2025-01-21T17:15:16.817000 -CVE-2025-0624,0,0,219c9ae30df91d7005895c2bd65660e673df694103bf294453d32dec62acd6a4,2025-03-27T22:15:16.430000 +CVE-2025-0624,0,1,7f95551d5b3aec04a4161f91b434f3e493d374e52187df0ff272f61641d37829,2025-03-31T04:15:15.547000 CVE-2025-0625,0,0,328c89607f451b43b59c7441ff870515136d8dcd178527014c9e23beca2d6c94,2025-03-28T19:14:20.063000 CVE-2025-0626,0,0,16ee263c85f3aad6f9b7c5ed60390a064032d53adec3f9f8437b4c73151fb8c7,2025-03-01T18:15:34.140000 CVE-2025-0628,0,0,570695b374c4ed87e2ed44b4722d7e35e02627e97784a5b85708accd345030c2,2025-03-20T10:15:53.407000 @@ -281876,7 +281876,7 @@ CVE-2025-1261,0,0,a33e974f0393407171b95a9c03d699424900964b702e13684f908e09f1dca3 CVE-2025-1262,0,0,17163c0048b85420a06d4f3fbe8ad6b4a348138bf38df6751414d0a9ed886fc3,2025-02-28T01:32:30.023000 CVE-2025-1265,0,0,bc018ef071fadf7e153cbb8aa96a03eb4bac560d27730ea77e8eae7baedae9e8,2025-02-20T20:15:46.537000 CVE-2025-1266,0,0,4994c9c1e87b7dedc2dce4e0a436027ae116cf2eed8bcb3d9cc4ca13f9be4407,2025-03-13T22:15:14.907000 -CVE-2025-1268,1,1,8ad22edc3a2a9a14062be4098a56ffa8b038bff980c5be07198df1168679dec2,2025-03-31T02:15:17.097000 +CVE-2025-1268,0,0,8ad22edc3a2a9a14062be4098a56ffa8b038bff980c5be07198df1168679dec2,2025-03-31T02:15:17.097000 CVE-2025-1269,0,0,3d8990f3f321bb84afc5ce31cc37206b4dfeae7b9639d4320eceb6f39d26cfbc,2025-02-18T14:15:28.513000 CVE-2025-1270,0,0,a0fba4bca59afda304bf8335640266a3acf6a1624640bee675db51d94e9fc436,2025-02-13T13:15:09.273000 CVE-2025-1271,0,0,0359319eae8a142a0720b34e58c3d3808902c47ddd06a524c0e8a18f2f2f366a,2025-02-13T13:15:09.433000 @@ -284730,7 +284730,7 @@ CVE-2025-24050,0,0,96b0d6d2d7280b137bb6b32fee5f429bee61ce1818c850d79656322dd5861 CVE-2025-24051,0,0,62e4c6d776991955eddf8f9fa84956d92911f7357d924edcbd1e9b911107f978,2025-03-11T17:16:27.467000 CVE-2025-24053,0,0,2c998e5eb6f912e01c89bb52688ba2a8dd4218fded0639925effa402db8e971e,2025-03-13T18:15:47.597000 CVE-2025-24054,0,0,d7c04592c90a944816d2b917a191db0500c456f1bd376113f331acc816b92a46,2025-03-11T17:16:27.660000 -CVE-2025-24055,0,1,a8b8e4cdf1af85735e51c417e608db31da64b217ea9a84bbe3faa9ab9f183fac,2025-03-31T02:15:18.163000 +CVE-2025-24055,0,0,a8b8e4cdf1af85735e51c417e608db31da64b217ea9a84bbe3faa9ab9f183fac,2025-03-31T02:15:18.163000 CVE-2025-24056,0,0,5c04f556316dbd8033fde99ee6b7a7436c924957f8339e64eeff70189003a64b,2025-03-11T17:16:28.130000 CVE-2025-24057,0,0,e93c1320ebadbbf28092c6fd0ce7c31e79b375949df78d42f385ee860a69efb1,2025-03-11T17:16:28.390000 CVE-2025-24059,0,0,f8e6ee3cf4f897c579e406829de1888b7cd9f5fbe1c2ec65ab850867bf744c50,2025-03-11T17:16:28.593000 @@ -284947,6 +284947,7 @@ CVE-2025-24506,0,0,6d0f2b92aeb54c0239442b80d645c7de8b9983e714f18d96e40f89a3734ac CVE-2025-24507,0,0,422b270ad7f0d60cc805efaa577ee203a8a40781b3fc9ddd5b1e3464f7401c91,2025-02-05T06:15:31.860000 CVE-2025-24513,0,0,5c5908095b7b8f59692c97894f2bc39950e9c619c5cca524158b823c48174aeb,2025-03-27T16:45:46.410000 CVE-2025-24514,0,0,1a64291b9861e3b81420eacf402909141500e0f7a383b259826850512f786e18,2025-03-27T16:45:46.410000 +CVE-2025-24517,1,1,27031a7d6b1035c296c3097f6b88783f4229ef3b2a6d080f9822793569cf3f7a,2025-03-31T05:15:15.420000 CVE-2025-24521,0,0,8d587ccd83944db33992c871adfb713baf82b8ebec6fcce78327a7080ffb5677,2025-03-05T16:15:39.093000 CVE-2025-24526,0,0,1e18d1f5ae98abeeaf7d844b3f89d785c7636c11b538120dbb867fa27b9c5f64,2025-02-24T08:15:10.427000 CVE-2025-24527,0,0,64c5f15d3a36426dd086cf6753a3bcfcae0a9e70014bff12440c7ea401e9bd26,2025-02-24T16:15:14.683000 @@ -285211,6 +285212,7 @@ CVE-2025-24845,0,0,b01e6a569b8cc3a4584487bdfb3da2fbed952ffc0174ca89c61a3e20ee1bf CVE-2025-24846,0,0,395a1c47127c2c7ef37d1800a5094c8ea72456277181e4a623939a06fd6c82a4,2025-03-03T09:15:39.817000 CVE-2025-24849,0,0,8e5985d51102085b2b29506fc161cb28ee1a0b2a33328ea438367fccd6fa114a,2025-02-28T17:15:17.253000 CVE-2025-2485,0,0,bec0bc87ef80d5681ca0207b35a807ec5b25f8aa9955a26545915324703deba5,2025-03-28T18:11:40.180000 +CVE-2025-24852,1,1,0741a80d503b3c05c8efde4e802d5ec526f94ffaeefc23e9b1ce3ff2884d0477,2025-03-31T05:15:15.620000 CVE-2025-24855,0,0,3b83ed2e42d12574419e7a5d93b58d3d4fa5393073d22ec518ba075ff8bdfcf5,2025-03-14T02:15:15.717000 CVE-2025-24856,0,0,de81d5fa3871c8fea36d9f92d65c776b1ac74e3aaeeb12190f8f5c33a73c1a6a,2025-03-16T04:15:14.517000 CVE-2025-24858,0,0,80a2e3e27ced5551413d1f52e03f6696ce40853726c2f8318cd2bd73891576ca,2025-01-26T07:15:09.237000 @@ -285452,6 +285454,7 @@ CVE-2025-25203,0,0,040b03b28fff3f91466e7eaa5a2d6143cc21f99e3d967437d45c81f30cd9c CVE-2025-25204,0,0,119932f98cc8b58871d029f6ccd9a89a806462d1c2b6c06ee7f6d1cb510c31af,2025-02-14T17:15:19.140000 CVE-2025-25205,0,0,53d346539ec5bb58856ce63a9d1fdca5438e2c859c2047a9cb707ece5a8bcbe8,2025-02-12T19:15:21.717000 CVE-2025-25206,0,0,9f668b067e3e448579721524d9498db32e90e7d300d6cfeef5961eac800c1c31,2025-02-14T17:15:19.327000 +CVE-2025-25211,1,1,0ac8994d607ffd78b8d70123f36572d81f001a4c84ab5ba1d6cf7618b60b6e65,2025-03-31T05:15:15.773000 CVE-2025-25220,0,0,3e48240fbed17896ea7da609293ff3c7512ec69524229da5c9de3065be015d34,2025-03-18T09:15:13.750000 CVE-2025-25221,0,0,da7f39219236daa10c6a9a322f77562859face44f96d9c55ab9ddbe74ace6d9f,2025-02-18T01:15:09.070000 CVE-2025-25222,0,0,c2ca7e3dc29f3574e03139c7399b4994d988797dae7ad6db23b85350baa3dcf1,2025-02-18T01:15:09.210000 @@ -286051,6 +286054,7 @@ CVE-2025-26658,0,0,aedc4d0eb67f4f5f0b6a3ffda635a52c1b05624552df9e00a6801f2a11a2a CVE-2025-26659,0,0,e49bb37eae4d802d08529be287a8ee45c0a41d1e6476deffc54020440698032b,2025-03-11T01:15:35.683000 CVE-2025-26660,0,0,b711a00f5dfa32959fd3c766aaf7ba4ea22e4bae0e839f8f050152da069fcd60,2025-03-11T01:15:35.837000 CVE-2025-26661,0,0,6b07aa7e41ed32b21c57e51684aeb9e36856ccd243be242f1a25b61ed08c5995,2025-03-11T01:15:35.993000 +CVE-2025-26689,1,1,c9beae4491e6d4b4de9a3b92de4ea1d9cde8d8da4d43e4c144c949a3dc97594e,2025-03-31T05:15:15.933000 CVE-2025-26695,0,0,e239201bb929150b03ad07ffb8d312f400377d1f1cfc7d0e42902c7137896acf,2025-03-12T19:15:40.450000 CVE-2025-26696,0,0,c788dec0a12ae5bdd6b81aed962f6239947be4d264a5b176d5302dfebc47d49c,2025-03-11T20:15:17.523000 CVE-2025-26698,0,0,02e1c85350f9590f950db8be3fe5f72c9485333903c0f224a4be86e1fd66bec5,2025-02-26T13:15:41.983000 @@ -286922,12 +286926,16 @@ CVE-2025-2965,0,0,ca30ec54806de204f68473d4384fb878343a159e22554244bec17979a1a1d2 CVE-2025-2966,0,0,337b112ac2971ec98b1bcb201e9bbb3293d96bf5a3a61b4fea7d3cc98a57603f,2025-03-31T00:15:14.633000 CVE-2025-2967,0,0,0466d496cdb31951753d98574cf5b01d0c507f87266ba4b977181a8abfdbc7a8,2025-03-31T01:15:40.113000 CVE-2025-2968,0,0,dc093bfbb8686bf3ae9cc9cf59813c15185884da5b9ac38e74fa0b665f3c44b1,2025-03-31T01:15:40.303000 -CVE-2025-2969,1,1,3608224f8d0d3c8d97392271f1ab8428e91ba35de9c9d5d3dc3afe1b43eff756,2025-03-31T02:15:21.367000 -CVE-2025-2970,1,1,63e0c65c94f9ed1dfbde9c28eea9f132666a924c7d81b099292abb9f72f8d746,2025-03-31T02:15:21.583000 -CVE-2025-2971,1,1,69fd4b42e8f58c8fbd2dfcef525eae7e76e6fc9f29f2f2d64eb54b30a09f6bde,2025-03-31T02:15:21.767000 -CVE-2025-2972,1,1,dceb9a04e1e98273fe83442e3ae3073b787e6734cb403569022a42bca35d9c48,2025-03-31T03:15:14.013000 -CVE-2025-2973,1,1,71c0d39615a793b2507e0b77d00354b96a970ee32139f59d9ed67f22f4be28ba,2025-03-31T03:15:14.267000 +CVE-2025-2969,0,0,3608224f8d0d3c8d97392271f1ab8428e91ba35de9c9d5d3dc3afe1b43eff756,2025-03-31T02:15:21.367000 +CVE-2025-2970,0,0,63e0c65c94f9ed1dfbde9c28eea9f132666a924c7d81b099292abb9f72f8d746,2025-03-31T02:15:21.583000 +CVE-2025-2971,0,0,69fd4b42e8f58c8fbd2dfcef525eae7e76e6fc9f29f2f2d64eb54b30a09f6bde,2025-03-31T02:15:21.767000 +CVE-2025-2972,0,0,dceb9a04e1e98273fe83442e3ae3073b787e6734cb403569022a42bca35d9c48,2025-03-31T03:15:14.013000 +CVE-2025-2973,0,0,71c0d39615a793b2507e0b77d00354b96a970ee32139f59d9ed67f22f4be28ba,2025-03-31T03:15:14.267000 +CVE-2025-2974,1,1,03c9d6549803ce2a83a8b5cb8e5bf9f28782a7d478987a9b985678a72c54e7cd,2025-03-31T04:15:17.633000 +CVE-2025-2975,1,1,54e4db29e6cd8e0854e5ae29ed995f3031619b872dddf128886ac54be5b16384,2025-03-31T04:15:17.927000 +CVE-2025-2976,1,1,b7586ea3a689e9721adedc5d4021b4eeab053eda769dec92478da646b4214af8,2025-03-31T05:15:16.090000 CVE-2025-29768,0,0,492de4cf9bc586f0c097ff358f0d6522edec16b3a3700b1c85d835d10d900b1f,2025-03-13T17:15:37.623000 +CVE-2025-2977,1,1,016b99a65b42725cfd4a2d138d7bd1a9f4b5c5a184a0d45b000c90090c56cf70,2025-03-31T05:15:16.310000 CVE-2025-29770,0,0,64a7761b4081159cba0465c32543c25f86c7bc3fdca10868943a613198ef8db7,2025-03-19T16:15:31.977000 CVE-2025-29771,0,0,40341ca82018118ee52a3bd3891794f5bfb5824a75c694db796b525153dba5da,2025-03-14T19:15:48.847000 CVE-2025-29773,0,0,a0c99e5f4c0b4eb6eb4d5e0663a9bd84830dc80c9b3c22b7d3ef4fb28b96c270,2025-03-13T19:15:52.257000 @@ -286989,6 +286997,7 @@ CVE-2025-30093,0,0,655931c237d66508239faf3d38e961694a438293c2ddfd8c753f3093a3e9d CVE-2025-30106,0,0,d0ec2fed531a791fcdb7e275c6cc676f11c96b4c23a970884370a41e87a3b6a0,2025-03-21T17:15:40.227000 CVE-2025-30107,0,0,7ae7d3e2db9a3bcfc7100b14968701083bbe2237ed720df55c99fa3bf4e70491,2025-03-24T22:15:14.450000 CVE-2025-30109,0,0,c697d3ced89db3fb240ff33efe8653842b736020e748d3eead592e6135cb99ac,2025-03-21T17:15:40.447000 +CVE-2025-3011,1,1,b4673d4bb3c6b6dd74def09fba0ba773e7a47fa61349dfcac14acdff0fbfea11,2025-03-31T04:15:19.037000 CVE-2025-30110,0,0,f846e38b869cd6ea0f6cbe74784129a846c49031188f9bef75c8d86a69a1a7c2,2025-03-21T17:15:40.657000 CVE-2025-30111,0,0,022a112bd538be311c9cdaaab39fc2ba1c3d75e68ed7094f343c00ba2f79f7ae,2025-03-24T22:15:14.610000 CVE-2025-30112,0,0,f5f2d0f2ef96c31117a42f2d7c2087bd7dc34164abd0725a29f6c02790bcfa24,2025-03-27T16:45:46.410000 @@ -287000,10 +287009,12 @@ CVE-2025-30117,0,0,f2848c723174ae6913274a313c525a3160dfb0080d5f9ad1ceea829a51c7e CVE-2025-30118,0,0,63bb6fe6df661494db5327da07bd867838234c34a82e4f268cbe5bdf2fffb41d,2025-03-27T16:45:46.410000 CVE-2025-30122,0,0,c1d95302660e92c024ec5fc6b6a580530031934f019c4b2b9b52ef0f1377e16a,2025-03-21T14:15:17.523000 CVE-2025-30123,0,0,2971729320ad92fd03f998696461ed7cc92e08495aa1f702cd91222eaa49f43d,2025-03-21T18:15:39.737000 +CVE-2025-3013,1,1,8df09899bbb51247745cb5a1422fe94cb0e59e3c551d4f6578f2cab06ea2b46c,2025-03-31T04:15:21.297000 CVE-2025-30132,0,0,6dd8c4b2ac9edac69820a35ebc388d786aab74afcd8113c3b2124d47b6d5313e,2025-03-21T14:15:17.687000 CVE-2025-30137,0,0,a3d82e5392a7ae9bb6e2b55e909849c73823035f2bbd28f1fff1c4aabebfc1e6,2025-03-25T17:16:24.817000 CVE-2025-30138,0,0,bf5f227b0c2a0f863e4324d085b375acb0c6ca2ad33a79fc1cc381e277aa2d5f,2025-03-25T17:16:25.520000 CVE-2025-30139,0,0,d294017f68c6a76a70a7f43c006bdc1e561faff86521c13bc4f4cadccb328ce9,2025-03-25T16:15:26.627000 +CVE-2025-3014,1,1,cbdc448c6b7bd93925dcacf3b6fe1ab0cd323401dc284d599f3e921fa877d746,2025-03-31T04:15:33.730000 CVE-2025-30140,0,0,27c42b89efbaaf1c6c2587fb58094673d3d04747335077901d13fd99670ae8bb,2025-03-25T16:15:26.790000 CVE-2025-30141,0,0,4828215ddc551f721f9119cc66fd0b6301157a9edecaa8b1bbaf43bada37f987,2025-03-25T16:15:26.960000 CVE-2025-30142,0,0,e6345e1b8b1602cf6baee1bb466c15695f398722ed692cc5b3b87414578f99b0,2025-03-25T16:15:27.130000 @@ -287285,6 +287296,7 @@ CVE-2025-31096,0,0,8ca3a285f269aad50201bec6c5b5176c2aa3543ce31a05030bca7554320f0 CVE-2025-31099,0,0,4c86dd21b4f050e9ca4bfab4f784a4375f6ca35560b038f877abe5e3229cb539,2025-03-28T18:11:40.180000 CVE-2025-31101,0,0,2cf8e74c917f5eb2b3dea3e0d7d8600ede97a2ef0d0ab55822bb3d149c95f86d,2025-03-28T18:11:40.180000 CVE-2025-31102,0,0,4ae39b1d21bf9a7659387386638726b4f9a10b166abb1ef9aceb0d97fc5360a2,2025-03-28T18:11:40.180000 +CVE-2025-31103,1,1,8675e6b85da98cba4a671d28083cbb77e457649c5dad292cd6fe06e762850fb3,2025-03-31T05:15:16.500000 CVE-2025-31105,0,0,3ea420eb0f78514b1d8574d41cb07f9b0316bbcde24f1aa0f802339e7a9adf19,2025-03-27T04:15:27.447000 CVE-2025-31106,0,0,9cd943c74a3d3aeb9d7fce7b86609160c2b3b46f9adb8d4161fa966b85a9a529,2025-03-27T04:15:28.007000 CVE-2025-31107,0,0,8505daa1494574bd4bf6fc3a5ca5fa621c0917e37c7c10d9dd14774eec62a678,2025-03-27T04:15:28.073000